Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | ContactHome | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | ContactHave you noticed any connections from a specific location? I have had a large number of "hits" from *.*.ac.kr... and a few from random sites in .de I can be more specific off list if you want... George -----Original Message----- From: Montgomery-Smith, Stephen Sent: Wed 7/2/2003 11:04 PM To: MLUG Off-Topic Discussion Cc: Subject: Re: [MLUG - DISCUSSION] website defacement day Michael wrote: > Dunno how serious to take the threat but it wouldn't hurt to upgrade > your web servers. Obviously that includes the web server itself and all > additional software on the server that could be used for entry. :) > > http://www.sfgate.com/cgi-bin/article.cgi?f=/news/archive/2003/07/02/financial1239EDT0109.DTL&type=tech > > I am seeing quite a lot of break in attempts on my lowly web server. I am getting connection attempts to port 1433, which looks like some kind of SQL port. I am also getting a lot of attempts to look at files like /usr/local/www/data/scripts/..%5c../winnt/system32/cmd.exe on my web server. -- Stephen Montgomery-Smith EMAIL:PROTECTED http://www.math.missouri.edu/~stephen _______________________________________________ discussion mailing list EMAIL:PROTECTED http://mlug.missouri.edu/mailman/listinfo/discussion
<<winmail.dat>>
_______________________________________________ discussion mailing list EMAIL:PROTECTED http://mlug.missouri.edu/mailman/listinfo/discussion