RV: packets in my network
From: Sergio Candelas Noriega (sergio.candelas@grupobbva.com)Date: 09/26/01
- Previous message: Paul Tan: "Re: Hacked using vulnerable FTP daemon."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Sergio Candelas Noriega" <sergio.candelas@grupobbva.com> To: <incidents@securityfocus.com> Subject: RV: packets in my network Date: Wed, 26 Sep 2001 09:42:11 +0200 Message-ID: <BNEPIIBBPMMHHCBCACAJIEGHCCAA.sergio.candelas@grupobbva.com>
First of all.
hello everybody, and sorry about my english.
while i was sniffing in my local network , i saw that my computer was
sending this kind of packet:
GET
http://www.cms1.net/scripts/cms/CmsInit.ASP?ID=200101&D2=xA%3F%3F%3F%3F%40%3
FK%3F%40%3F%3F%3F%3FK%3F%3F%3F%3F%3F%3F%3F%3F%3F&AW=247&LV=3209&CU=19277765
HTTP/1.0
Accept: image/gif, image/x-windows-bmp, image/jpeg, application/x-html, */*
www.cms1.net is not responding but the address above returns this:
DATA_OK W_INT [C=33][V=1927776] W_INT [C=34][V=1001423085] W_STR
[C=96][V=1001423085] W_STR [C=90][V=]
do you know what it could be???
thanks
Sergio.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Paul Tan: "Re: Hacked using vulnerable FTP daemon."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
