Date: Tue, 2 Feb 1999 12:45:35 +0100 (CET) From: Chris Larsen <vader@vader.dk> To: Dan Langille <junkmale@xtra.co.nz> Cc: freebsd-security@FreeBSD.ORG Subject: Re: what were these probes? Message-ID: <Pine.BSF.3.96.990202123432.3109B-100000@www.babel.dk> In-Reply-To: <19990202055804.YRQY682101.mta1-rme@wocker>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2 Feb 1999, Dan Langille wrote: > ns.cvvm.com - - [02/Feb/1999:17:34:28 +1300] "GET /cgi-bin/phf HTTP/1.0" > 404 164 > ns.cvvm.com - - [02/Feb/1999:17:34:29 +1300] "GET /cgi-bin/Count.cgi > HTTP/1.0" 404 170 > ns.cvvm.com - - [02/Feb/1999:17:34:30 +1300] "GET /cgi-bin/test-cgi > HTTP/1.0" 404 169 > ns.cvvm.com - - [02/Feb/1999:17:34:31 +1300] "GET /cgi-bin/php.cgi > HTTP/1.0" 404 168 > ns.cvvm.com - - [02/Feb/1999:17:34:32 +1300] "GET /cgi-bin/handler > HTTP/1.0" 404 168 > ns.cvvm.com - - [02/Feb/1999:17:34:33 +1300] "GET /cgi-bin/webgais > HTTP/1.0" 404 168 > ns.cvvm.com - - [02/Feb/1999:17:34:34 +1300] "GET /cgi-bin/websendmail > HTTP/1.0" 404 172 > ns.cvvm.com - - [02/Feb/1999:17:34:34 +1300] "GET /cgi-bin/webdist.cgi > HTTP/1.0" 404 172 > ns.cvvm.com - - [02/Feb/1999:17:34:38 +1300] "GET /cgi-bin/faxsurvey > HTTP/1.0" 404 170 > ns.cvvm.com - - [02/Feb/1999:17:34:39 +1300] "GET /cgi-bin/htmlscript > HTTP/1.0" 404 171 > ns.cvvm.com - - [02/Feb/1999:17:34:40 +1300] "GET /cgi-bin/pfdisplay.cgi > HTTP/1.0" 404 174 > ns.cvvm.com - - [02/Feb/1999:17:34:41 +1300] "GET /cgi-bin/perl.exe > HTTP/1.0" 404 169 > ns.cvvm.com - - [02/Feb/1999:17:34:43 +1300] "GET /cgi-bin/wwwboard.pl > HTTP/1.0" 404 172 > ns.cvvm.com - - [02/Feb/1999:17:34:47 +1300] "GET /cgi- > bin/ews/ews/architext_query.pl HTTP/1.0" 404 187 > ns.cvvm.com - - [02/Feb/1999:17:34:48 +1300] "GET /cgi-bin/jj HTTP/1.0" > 404 163 > > > telnet: > > Feb 2 17:34:20 ns telnetd[29665]: refused connect from ns.cvvm.com > Feb 2 17:34:20 ns telnetd[29667]: refused connect from ns.cvvm.com > > sendmail: > > Feb 2 17:34:25 ns sendmail[29666]: NOQUEUE: Null connection from > root@ns.cvvm.com [139.142.106.131] > Feb 2 17:34:51 ns sendmail[29668]: NOQUEUE: Null connection from > root@ns.cvvm.com [139.142.106.131] > A little script kid that fell over cgichk.c ?? Its a distinct fingerprint from that program at least. For more information check www.rootshell.com: http://www.rootshell.com/beta/view.cgi?199812 darth@vader.dk | Internet Café : Babel vader@babel.dk | Frederiksborggade 33 Chris Larsen | Phone # +45 33 33 93 38 System Manager | Open: 14-23 Mon - Sat PGP-key id: 0x137993A5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990202123432.3109B-100000>