Security Basics mailing list archives
Re: Strange Web Server Log Entries
From: Sean Malloy <spinelli85 () gmail com>
Date: Thu, 6 Dec 2007 21:57:50 -0600
On Thu, Dec 06, 2007 at 07:14:17PM -0700, Frynge Customer Support wrote:
The way I take it is... Someone with this ip address: 65.117.101.194 is attaching from this server or a form or sql injection from this server:http://lti-mail01.ltinetworks.com:25 And trying to send mail, probably from a form on your server or by sql injection... I would check your scripts on your server, check your forms and check anything that uses mysql database for any security leaks. Kelly Sigethy Frynge.com Frynge Web Design - Portfolio 403-251-9486 (Calgary) 1-866-331-9684 (Toll Free) Your one stop shop, for all your web design needs
Well, I don't have any forms or scripts on my website. All my site serves is static XHTML and CSS. It's pretty boring. I used to have MySQL installed (I just uninstalled it), but I never set it up or turned on. The only services it runs is SSHD(public key authentication only), Apache in a chroot jail, and sendmail(which only listens on localhost). I was originally going to set up a BAMP server, but I decided against it because I really didn't know what the hell I was doing. Thanks for the advice. -- Sean Malloy Home Page: www.catgrepsort.com
Current thread:
- Re: Strange Web Server Log Entries, (continued)
- Re: Strange Web Server Log Entries Sean Malloy (Dec 07)
- Re: Strange Web Server Log Entries infolookup (Dec 07)
- Re: Strange Web Server Log Entries Sukbum Hong (Dec 07)
- Re: Strange Web Server Log Entries Sean Malloy (Dec 07)
- Re: Strange Web Server Log Entries Zapotek (Dec 07)
- Re: Strange Web Server Log Entries steve menard (Dec 07)
- Re: Strange Web Server Log Entries Zapotek (Dec 07)
- Re: Strange Web Server Log Entries steve menard (Dec 08)
- Re: Strange Web Server Log Entries Zapotek (Dec 08)
- Re: Strange Web Server Log Entries steve menard (Dec 07)