Il giorno [DATA], [NOME], [INDIRIZZO] ha scritto:
> I just looked again in my apache logs and I found an interesting entry. It
> looks like all the other code red
> entries I have but it is 1.78 megs of "code" can anyone tell me what this is?
> should I be worried about being
> infected? I was informed that only iis was susceptible to the worm but I have
> been monitoring my server just the
> same there are a ton of enties looking for default.ida?XXXXXXXX.... but only
> one of these.
> Please help
> Frederic:
>
> "GET
> /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9
> 090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
> HTTP/1.0" 404 279
>
We are getting the same on all of our Linux and Mac Servers. For now they
just seem to be a bother - creates a bit of traffic. If you're lucky, they
don't arrive that often.
John Forrester
Ancitel Spa
Rome Italy
[EMAIL PROTECTED]
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
