another stupid question.
From: Zep (zep_at_nemesis.mmind.net)
Date: 06/03/03
- Previous message: Chris Berry: "RE: A new concept for security management?"
- Next in thread: Joerg Over: "Re: another stupid question."
- Reply: Joerg Over: "Re: another stupid question."
- Reply: security_at_nuvox.net: "Re: another stupid question."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 3 Jun 2003 12:03:41 -0400 To: security-basics@securityfocus.com
I've googled log entries like the ones below, looking for some
mention of the exploit/what's being attempted (port 25, I'm
guessing it's spam relay?) and how to make sure I'm not helping
someone be an interdork. any info is greatly appreciated.
63.211.23.62 - 63.211.23.62 - - - [02/Jun/2003:22:43:35 -0400] "CONNECT mx00.comcast.net:25 HTTP/1.0" 405 99
63.211.23.62 - 63.211.23.62 - - - [02/Jun/2003:22:43:37 -0400] "POST http://63.211.23.62:25/ HTTP/1.1" 200 1188
63.211.23.38 - 63.211.23.38 - - - [03/Jun/2003:10:26:36 -0400] "CONNECT mailin-04.mx.aol.com:25 HTTP/1.0" 405 99
63.211.23.38 - 63.211.23.38 - - - [03/Jun/2003:10:26:36 -0400] "POST http://63.211.23.38:25/ HTTP/1.1" 200 1188
I'd be much less concerned if it weren't for the 200 codes on the
'POST' commands. Thanks.
--
- Zep
(zep@nemesis.mmind.net)
Friends may come and go, but enemies accumulate.
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Chris Berry: "RE: A new concept for security management?"
- Next in thread: Joerg Over: "Re: another stupid question."
- Reply: Joerg Over: "Re: another stupid question."
- Reply: security_at_nuvox.net: "Re: another stupid question."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
