Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 2 Feb 1999 15:56:37 -0600 (CST)
From:      James Wyatt <jwyatt@RWSystems.net>
To:        Dan Langille <junkmale@xtra.co.nz>
Cc:        Mike Holling <myke@ees.com>, freebsd-security@FreeBSD.ORG
Subject:   Re: what were these probes?
Message-ID:  <Pine.BSF.4.05.9902021409070.13018-100000@kasie.rwsystems.net>
In-Reply-To: <19990202065625.CSGF678125.mta2-rme@wocker>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2 Feb 1999, Dan Langille wrote:
> On 1 Feb 99, at 22:28, Mike Holling wrote:
> > > Tonight I found these entries in my log files.  What were they looking
> > > for?  Was this a spammer looking for exploits?
> > My offhand guess is that this was indeed some kind of automated script
> > looking for a set of known security holes.
> Looks that way to me too.  Messages I've received off list seem to 
> indicate that the http probes were well known exploits.  And they all 
> failed.  It seems that the security in place has done it's job.

Notice that they are coming from a hostname beginning ns.*.com. Looks
like someone's nameserver wasn't as lucky as your webserver... 8{(


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9902021409070.13018-100000>