Security Incidents mailing list archives

Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit...

From: jet <jet () spies com>
Date: Tue, 11 Feb 2003 23:19:54 -0800

At 11:46 -0700 2003/02/11, Richard Rager wrote:

Here are some other abnormals. Does anyone know what they are trying to
do?

24.95.60.115 - - [06/Feb/2003:21:35:37 -0700] "GET /.private.d/log.html
HTTP/1.0" 404 285


Is there, perhaps, a common application or configuration that stores logs in a user's  ".private.d" directory?
-- 
J. Eric Townsend -- jet spies com
buy stuff, damnit: http://www.spies.com/jet/store.html

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... Chuck Swiger (Feb 10)
- Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... Richard Rager (Feb 11)
  - Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... jet (Feb 12)
- Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... root@darks (Feb 12)
  - Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit... Chuck Swiger (Feb 12)