Re: Need help to find web server attacks signature
From: Muhammad Naseer (naseer_at_digitallinx.com)
Date: 10/22/03
- Previous message: Maxime Ducharme: "Need help to find web server attacks signature"
- In reply to: Maxime Ducharme: "Need help to find web server attacks signature"
- Next in thread: Fatih Qzavc=FD?=: "Re: Need help to find web server attacks signature"
- Reply: Fatih Qzavc=FD?=: "Re: Need help to find web server attacks signature"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Maxime Ducharme" <maxime@pandore-design.com>, <incidents@securityfocus.com> Date: Thu, 23 Oct 2003 00:23:55 +0500
Sounds to be Retina using CHM for HTTP.
Naseer
----- Original Message -----
From: "Maxime Ducharme" <maxime@pandore-design.com>
To: <incidents@securityfocus.com>
Sent: Wednesday, October 22, 2003 10:43 PM
Subject: Need help to find web server attacks signature
>
> Hi all,
> i'd need help to identify an attack that happened on one of our
> customer's web server yesterday, I put the log file here :
> http://www.pandore-design.com/security/2003-10-21-IIS-attack.txt
>
> I see some attacks that seem to be a security scanner tool,
> and some attacks which targets specific pages of the web site
> (where we begin to see 200 responses from the web server).
>
> Someone recognize a tool / virus / worm in this ?
>
> Thanks in advance for help
>
> ---------------------------------------------------------------
> Maxime Ducharme
> Administrateur reseau, Programmeur
>
>
>
> --------------------------------------------------------------------------
-
> FREE Whitepaper: Better Management for Network Security
>
> Looking for a better way to manage your IP security?
> Learn how Solsoft can help you:
> - Ensure robust IP security through policy-based management
> - Make firewall, VPN, and NAT rules interoperable across heterogeneous
> networks
> - Quickly respond to network events from a central console
>
> Download our FREE whitepaper at:
> http://www.securityfocus.com/sponsor/Solsoft_incidents_031015
> --------------------------------------------------------------------------
-- > --------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_incidents_031015 ----------------------------------------------------------------------------
- Previous message: Maxime Ducharme: "Need help to find web server attacks signature"
- In reply to: Maxime Ducharme: "Need help to find web server attacks signature"
- Next in thread: Fatih Qzavc=FD?=: "Re: Need help to find web server attacks signature"
- Reply: Fatih Qzavc=FD?=: "Re: Need help to find web server attacks signature"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
