Full Disclosure mailing list archives
RE: Need help to find web server attacks signature
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Wed, 22 Oct 2003 15:05:29 -0500
-----Original Message----- From: Maxime Ducharme [mailto:maxime () pandore-design com] Sent: Wednesday, October 22, 2003 12:40 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] Need help to find web server attacks signature Hi all, i'd need help to identify an attack that happened on one of our customer's web server yesterday, I put the log file here : http://www.pandore-design.com/security/2003-10-21-IIS-attack.t
xt Looks like a vuln scanner that's designed to try a number of default install mistakes to see if anything works. The previous poster may be correct that it was NIKTO. Could also be whisker or stealth. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Need help to find web server attacks signature Discini, Sonny (Oct 22)
- <Possible follow-ups>
- Re: Need help to find web server attacks signature Maxime Ducharme (Oct 22)
- RE: Need help to find web server attacks signature Schmehl, Paul L (Oct 22)
- Re: Need help to find web server attacks signature Maxime Ducharme (Oct 22)