Hello, Some 10,000 attacks later and after spending too much time deciphering the Hex code the bots sent, the bottom line is that there are just 2 web sites that are housing the malicious Javascript. (In our case, obviously)
They are 3 3 2 2 . o r g 1 0 0 0 m g . c n Yes, the spaces need to come out if you want to look at the sites...AT YOUR OWN RISK. The url link in the hex code is longer of course but I'm not going to put it in here. The sites are pretty much the same. They are in China, big surprise, but in cities about 644 miles apart. How many other domains housing malicious javascript did you all find? Thanks, Mike P.S. Don't ask me how the hex code was deciphered. Our network wizard did it and he just left on vacation. :)) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310600 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4