|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Need help to find web server attacks signature
From: Muhammad Naseer (naseer
digitallinx.com)
Date: Wed Oct 22 2003 - 14:23:55 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sounds to be Retina using CHM for HTTP.
Naseer
----- Original Message -----
From: "Maxime Ducharme" <maximepandore-design.com>
To: <incidentssecurityfocus.com>
Sent: Wednesday, October 22, 2003 10:43 PM
Subject: Need help to find web server attacks signature
>
> Hi all,
> i'd need help to identify an attack that happened on one of our
> customer's web server yesterday, I put the log file here :
> http://www.pandore-design.com/security/2003-10-21-IIS-attack.txt
>
> I see some attacks that seem to be a security scanner tool,
> and some attacks which targets specific pages of the web site
> (where we begin to see 200 responses from the web server).
>
> Someone recognize a tool / virus / worm in this ?
>
> Thanks in advance for help
>
> ---------------------------------------------------------------
> Maxime Ducharme
> Administrateur reseau, Programmeur
>
>
>
> --------------------------------------------------------------------------
-
> FREE Whitepaper: Better Management for Network Security
>
> Looking for a better way to manage your IP security?
> Learn how Solsoft can help you:
> - Ensure robust IP security through policy-based management
> - Make firewall, VPN, and NAT rules interoperable across heterogeneous
> networks
> - Quickly respond to network events from a central console
>
> Download our FREE whitepaper at:
> http://www.securityfocus.com/sponsor/Solsoft_incidents_031015
> --------------------------------------------------------------------------
--
>
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_incidents_031015
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]