Can anyone tell me what tool is used to accomplish the following? The port scans I see for web servers are followed up with the following series of commands: GET http://www.intel.com/ HTTP/1.1\r\n Host: www.intel.com \r\n Accept: */*\r\n Pragma: no-cache:\r\n User-Agent: Mozilla/4.0\r\n \r\n www.intel.com is sometimes replaced with www.yahoo.com or whatever address. The port scan itself is of course detected by my perimeter security, the web server log I presume always logs that the source was www.intel.com. No big deal, just that I'm seeing a lot of these recently. ========= Paul Bobby <dream> Got Root? </dream>
This archive was generated by hypermail 2b30 : Thu May 17 2001 - 19:54:35 PDT