Code Red?
John (EBo) David
plug-discuss@lists.PLUG.phoenix.az.us
Fri, 10 Aug 2001 22:54:57 -0700
"David P. Schwartz" wrote:
>
> I saw someome complaining about their server, and decided to take a look at
> my
> server's logs.
>
> The main domain's log is cluttered with stuff over the past several days
> that looks like this:
>
> 63.229.248.108 - - [08/Aug/2001:21:57:21 -0700] "GET
> /default.ida?XXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
damnnnnn... I just checked and I have the same. I also noticed that a
significant percentage of attacks are coming from within the
universities subdomain. I do not think the domain administrators are
going to like my phone message... All I said is I think you have a
problem. Who do I send the log files to?
EBo --