RE: Strange IIS Pattern...
From: Mark L. Jackson (codewizard@lvcm.com)Date: 06/05/02
- Previous message: Michael Katz: "Re: [incident] IIS defacement through FTP, possible DoS"
- In reply to: Antonio Stano: "Strange IIS Pattern..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mark L. Jackson" <codewizard@lvcm.com> To: "Antonio Stano" <astano@tele-servizi.com>, <incidents@securityfocus.com> Date: Wed, 5 Jun 2002 12:00:22 -0700
Off the top of my head I believe that is a Dreamweaver extension. It is
probably integrated into Coldfusion by now. I am guessing this is part of
the new MX package.
Hope that helps.
Mark
> Found on a 2000 box, not compromised thousand of entries with different
> source ip...
> no reference anywhere for this type of attack..
> what do you think?
>
>
> 2002-06-04 15:15:48 xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx 80 GET
> /mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/mm
> res:/mmres
> :/mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/mmres:/m
> mres:/mmre
> s:/mmres:/mmres:/mmres:/mmres:/mmres:/user_interface_small.css - 404
> Mozilla/4.08+[en]+(Win95;+I+;Nav)
>
> Antonio Stano
> http://www.securityinfos.com
>
>
>
> ------------------------------------------------------------------
> ----------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Michael Katz: "Re: [incident] IIS defacement through FTP, possible DoS"
- In reply to: Antonio Stano: "Strange IIS Pattern..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
