CodeRed

From: terminatorat_private
Date: Fri Jul 20 2001 - 12:40:47 PDT

  • Next message: Gary Flynn: "Re: Jetdirect card Attack???-Final from original poster"

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    We started receiving scans today, here is
    what our Apache access and error logs showed:
    
    Apache Access Log:
    - ------------------
    171.64.232.31 - - [19/Jul/2001:11:59:07 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    66.114.64.236 - - [19/Jul/2001:12:10:59 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    65.115.68.15 - - [19/Jul/2001:12:17:45 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    64.67.86.5 - - [19/Jul/2001:12:29:01 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    195.240.22.48 - - [19/Jul/2001:12:31:32 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    199.227.135.3 - - [19/Jul/2001:12:32:46 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    211.172.202.243 - - [19/Jul/2001:14:23:43 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    213.237.151.6 - - [19/Jul/2001:14:42:20 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    212.143.100.188 - - [19/Jul/2001:14:57:39 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    24.180.67.233 - - [19/Jul/2001:15:04:20 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    207.19.245.161 - - [19/Jul/2001:15:15:22 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    208.209.130.77 - - [19/Jul/2001:15:27:48 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    208.36.198.226 - - [19/Jul/2001:15:29:13 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    24.128.137.218 - - [19/Jul/2001:15:33:44 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    203.199.85.25 - - [19/Jul/2001:15:52:24 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    141.149.209.129 - - [19/Jul/2001:16:17:03 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    212.38.182.73 - - [19/Jul/2001:16:23:33 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    160.75.71.14 - - [19/Jul/2001:16:30:39 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    63.222.184.69 - - [19/Jul/2001:16:38:20 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    62.254.241.213 - - [19/Jul/2001:16:38:31 -0500] "-" 408 -
    211.167.112.172 - - [19/Jul/2001:17:23:41 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    203.247.204.20 - - [19/Jul/2001:17:48:50 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    210.145.14.61 - - [19/Jul/2001:17:56:33 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    192.84.221.95 - - [19/Jul/2001:18:19:19 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    61.151.248.21 - - [19/Jul/2001:18:29:12 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    130.39.191.58 - - [19/Jul/2001:18:34:47 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    200.39.125.195 - - [19/Jul/2001:18:42:43 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    61.11.249.102 - - [19/Jul/2001:22:29:21 -0500] "GET
    /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
    
    Apache Error Log:
    - -----------------
    [Thu Jul 19 11:59:07 2001] [error] [client 171.64.232.31] Client sent
    malformed Host header
    [Thu Jul 19 12:10:59 2001] [error] [client 66.114.64.236] Client sent
    malformed Host header
    [Thu Jul 19 12:17:45 2001] [error] [client 65.115.68.15] Client sent
    malformed Host header
    [Thu Jul 19 12:29:01 2001] [error] [client 64.67.86.5] Client sent malformed
    Host header
    [Thu Jul 19 12:31:32 2001] [error] [client 195.240.22.48] Client sent
    malformed Host header
    [Thu Jul 19 12:32:46 2001] [error] [client 199.227.135.3] Client sent
    malformed Host header
    [Thu Jul 19 14:23:43 2001] [error] [client 211.172.202.243] Client sent
    malformed Host header
    [Thu Jul 19 14:42:20 2001] [error] [client 213.237.151.6] Client sent
    malformed Host header
    [Thu Jul 19 14:57:39 2001] [error] [client 212.143.100.188] Client sent
    malformed Host header
    [Thu Jul 19 15:04:20 2001] [error] [client 24.180.67.233] Client sent
    malformed Host header
    [Thu Jul 19 15:15:22 2001] [error] [client 207.19.245.161] Client sent
    malformed Host header
    [Thu Jul 19 15:27:48 2001] [error] [client 208.209.130.77] Client sent
    malformed Host header
    [Thu Jul 19 15:29:13 2001] [error] [client 208.36.198.226] Client sent
    malformed Host header
    [Thu Jul 19 15:33:44 2001] [error] [client 24.128.137.218] Client sent
    malformed Host header
    [Thu Jul 19 15:52:24 2001] [error] [client 203.199.85.25] Client sent
    malformed Host header
    [Thu Jul 19 16:17:03 2001] [error] [client 141.149.209.129] Client sent
    malformed Host header
    [Thu Jul 19 16:23:33 2001] [error] [client 212.38.182.73] Client sent
    malformed Host header
    [Thu Jul 19 16:30:39 2001] [error] [client 160.75.71.14] Client sent
    malformed Host header
    [Thu Jul 19 16:38:20 2001] [error] [client 63.222.184.69] Client sent
    malformed Host header
    [Thu Jul 19 17:23:41 2001] [error] [client 211.167.112.172] Client sent
    malformed Host header
    [Thu Jul 19 17:48:50 2001] [error] [client 203.247.204.20] Client sent
    malformed Host header
    [Thu Jul 19 17:56:33 2001] [error] [client 210.145.14.61] Client sent
    malformed Host header
    [Thu Jul 19 18:19:19 2001] [error] [client 192.84.221.95] Client sent
    malformed Host header
    [Thu Jul 19 18:29:12 2001] [error] [client 61.151.248.21] Client sent
    malformed Host header
    [Thu Jul 19 18:34:47 2001] [error] [client 130.39.191.58] Client sent
    malformed Host header
    [Thu Jul 19 18:42:43 2001] [error] [client 200.39.125.195] Client sent
    malformed Host header
    [Thu Jul 19 22:29:21 2001] [error] [client 61.11.249.102] Client sent
    malformed Host header
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: Made with pgp4pine 1.75-6
    
    iEYEARECAAYFAjtYiUQACgkQF6Jgd5ZCDcRXxwCdHv/KBqZPxrhqC+iUHgYPT2tM
    CKUAn03tEiudX3+C3ZVh1TO4Pg4E/3FB
    =2aDA
    -----END PGP SIGNATURE-----
    
    
    
    
    ----------------------------------------------------------------------------
    
    
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see:
    
    http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Sat Jul 21 2001 - 14:40:57 PDT