RE: Strange scans

From: Ed Moyle (
Date: 04/15/02

Date: Mon, 15 Apr 2002 14:03:57 -0400
From: Ed Moyle <>
To: Brenna Primrose <>,

> It's fairly obvious they were looking for IIS and other vulnerabilities,
> but why does "GET HTTP/1.0" appear in it?

Looks like it is testing to see if you are a proxy server...

This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: