Date: Sun, 20 Sep 1998 21:55:38 -0700 (PDT) From: "Eric J. Schwertfeger" <ejs@bfd.com> To: Brett Glass <brett@lariat.org> Cc: security@FreeBSD.ORG Subject: Re: Bogus hits on our Web server Message-ID: <Pine.BSF.4.01.9809202151170.8446-100000@harlie.bfd.com> In-Reply-To: <199809202128.PAA11447@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 20 Sep 1998, Brett Glass wrote: > We've gotten several spates of Web log entries like the following: > > 62.8.15.131 unknown - [20/Sep/1998:10:43:16 -0600] "GET /cgi-bin/phf" 404 - > 62.8.15.131 unknown - [20/Sep/1998:10:43:17 -0600] "GET /cgi-bin/test-cgi" > 404 - > 62.8.15.131 unknown - [20/Sep/1998:10:43:18 -0600] "GET /cgi-bin/handler" > 404 - I've got our web server emailing me every time a 404 pops up on the assumption that our site, or one of the sites we host, has a broken link. The blind stab at /cgi-bin/phf has been happening for a very long time, though it has suddenly become more popular. The other two I hadn't seen much of until recently. I definitely suspect script-kiddies, enough that I want to set those to pop up a page saying "Just what do you expect to find here?" Or at least dump all the parameters. Hmmmm..... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.01.9809202151170.8446-100000>