RE: HTTP Probe by Webserver

From: Vince Sola (sola-v@home.com)
Date: 10/11/01


From: "Vince Sola" <sola-v@home.com>
To: "'Alan Wright'" <AlanJWright@manx.net>, <incidents@securityfocus.com>
Subject: RE: HTTP Probe by Webserver
Date: Wed, 10 Oct 2001 19:52:45 -0400
Message-ID: <000001c151e6$a9f1ab40$0e3f0941@gambrills1.md.home.com>

That host has been had by the Nimda worm..so you may just be seeing nimda
probes.

Vince

> -----Original Message-----
> From: Alan Wright [mailto:AlanJWright@manx.net]
> Sent: Wednesday, October 10, 2001 6:31 PM
> To: incidents@securityfocus.com
> Subject: HTTP Probe by Webserver
>
>
> Dear All
>
> I have noticed tonight that BlackIce Defender has flagged up
> an Http probe
> from a webserver @195.10.146.197.
> This comes back as a Finnish IP.
> Anyone know if the server has been compromised and is
> randomly probing or
> is someone using it as a jump off point for some probing
>
> Any help would be gratefully received.
>
>
>
> All the best
>
> Alan
>
> { Alan J Wright B.Sc(Hons)(Open)}
> {SMS or Phone +447624462772}
>
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



Relevant Pages

  • RE: HTTP Probe by Webserver
    ... Subject: HTTP Probe by Webserver ... Recursive queries supported by this server ... % This is the RIPE Whois server. ...
    (Incidents)
  • RE: HTTP Probe by Webserver
    ... Subject: HTTP Probe by Webserver ... It looks to be an NT 4.0 web server running FTP, HTTP, HTTPS, and Proxy. ... and tracking system please see: http://aris.securityfocus.com ...
    (Incidents)