Security Incidents mailing list archives
Re: CGI Scans on web server
From: "Jay D. Dyson" <jdyson () treachery net>
Date: Fri, 8 Dec 2000 04:44:27 -0800
-----BEGIN PGP SIGNED MESSAGE----- On Tue, 5 Dec 2000, Bjorn Djupvik wrote:
Is people still doing this? These are ancient exploits but I still got scanned for them.. ahh well....
Yep, people are still scanning for them. In a way, it makes
sense: why go out of your way to look for a hole in a (presumably)
reinforced front door when the back window is wide open?
The only thing I wish these scriptmonkeys would do differently is
at least do a HEAD request or an 'nmap -p80 -O' on the target system
before launching their scan utilities. At least then my logs wouldn't get
bloated by so many IIS intrusion attempts on my Solaris/Apache servers.
- -Jay
( ______
)) .-- "There's always time for a good cup of coffee." --. >===<--.
C|~~| (>------- Jay D. Dyson --- jdyson () treachery net -------<) | = |-'
`--' `- I'm not surrounded, I just have more targets now. -' `-----'
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: E-mail me for my PGP Public Key.
iQCVAwUBOjDXtdCClfiU/BIVAQH89wQAuR2dERHDpwrP7AGNwlSzWihi3nYBgkof
DEO7/lDRNu1zC50+0X+XTPW4nbiZq7EoMvTyGSVcivZfWrFTBiJzuYZEMGayppGI
p+sNcFQ4VsLZjCEekX/c2aHSVz0sZXX49rzqOHPRiRBdU6806oqTWIUJbOKRLLjx
iODVpdCGZXY=
=zRxJ
-----END PGP SIGNATURE-----
Current thread:
- CGI Scans on web server Bjorn Djupvik (Dec 06)
- Re: CGI Scans on web server Jay D. Dyson (Dec 11)
- Re: CGI Scans on web server Ryan Russell (Dec 12)
- <Possible follow-ups>
- Re: CGI Scans on web server Matteo,Marc A. (Dec 09)
- Re: CGI Scans on web server Jay D. Dyson (Dec 11)