|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Chinese HTTP ACKs
From: Peter Kerr (p.kerr
auckland.ac.nz)
Date: Thu Feb 10 2005 - 08:46:22 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
In-Reply-To: <1107987233.679.89.camellocalhost>
>From: Frank Knobbe <frankknobbe.us>
>In-Reply-To: <00f101c50ed2$56e35ff0$646f1299HURON>
>Date: Wed, 09 Feb 2005 16:13:53 -0600
...
>Oh, and they also performed proxy checks (trying GET http://
www.sohu.com
>against the tested hosts). Not really a feature of a search engine
>either :)
>
>These accesses were observed from 61.135.131.0/24 and
220.181.26.0/24.
>
>You might want to keep an eye on those subnets. Has anyone else
noticed
>attempts from Sohu or has some more information he can share
here?
>
61.128.234.194 - - [31/Jan/2005:19:12:34 +1300] "GET http://
www.sina.com.cn/ HTTP/1.1" 200 1090
Just the one GET, no other probing, also once each on 28 & 29 Jan.
There have been bots from all places except .cn looking thru my index
structure. I just assumed this guy was looking for an open proxy, didn't
find it & went away.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]