-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We started receiving scans today, here is what our Apache access and error logs showed: Apache Access Log: - ------------------ 171.64.232.31 - - [19/Jul/2001:11:59:07 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 66.114.64.236 - - [19/Jul/2001:12:10:59 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 65.115.68.15 - - [19/Jul/2001:12:17:45 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 64.67.86.5 - - [19/Jul/2001:12:29:01 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 195.240.22.48 - - [19/Jul/2001:12:31:32 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 199.227.135.3 - - [19/Jul/2001:12:32:46 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 211.172.202.243 - - [19/Jul/2001:14:23:43 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 213.237.151.6 - - [19/Jul/2001:14:42:20 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 212.143.100.188 - - [19/Jul/2001:14:57:39 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 24.180.67.233 - - [19/Jul/2001:15:04:20 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 207.19.245.161 - - [19/Jul/2001:15:15:22 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 208.209.130.77 - - [19/Jul/2001:15:27:48 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 208.36.198.226 - - [19/Jul/2001:15:29:13 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 24.128.137.218 - - [19/Jul/2001:15:33:44 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 203.199.85.25 - - [19/Jul/2001:15:52:24 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 141.149.209.129 - - [19/Jul/2001:16:17:03 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 212.38.182.73 - - [19/Jul/2001:16:23:33 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 160.75.71.14 - - [19/Jul/2001:16:30:39 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 63.222.184.69 - - [19/Jul/2001:16:38:20 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 62.254.241.213 - - [19/Jul/2001:16:38:31 -0500] "-" 408 - 211.167.112.172 - - [19/Jul/2001:17:23:41 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 203.247.204.20 - - [19/Jul/2001:17:48:50 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 210.145.14.61 - - [19/Jul/2001:17:56:33 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 192.84.221.95 - - [19/Jul/2001:18:19:19 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 61.151.248.21 - - [19/Jul/2001:18:29:12 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 130.39.191.58 - - [19/Jul/2001:18:34:47 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 200.39.125.195 - - [19/Jul/2001:18:42:43 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN 61.11.249.102 - - [19/Jul/2001:22:29:21 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN Apache Error Log: - ----------------- [Thu Jul 19 11:59:07 2001] [error] [client 171.64.232.31] Client sent malformed Host header [Thu Jul 19 12:10:59 2001] [error] [client 66.114.64.236] Client sent malformed Host header [Thu Jul 19 12:17:45 2001] [error] [client 65.115.68.15] Client sent malformed Host header [Thu Jul 19 12:29:01 2001] [error] [client 64.67.86.5] Client sent malformed Host header [Thu Jul 19 12:31:32 2001] [error] [client 195.240.22.48] Client sent malformed Host header [Thu Jul 19 12:32:46 2001] [error] [client 199.227.135.3] Client sent malformed Host header [Thu Jul 19 14:23:43 2001] [error] [client 211.172.202.243] Client sent malformed Host header [Thu Jul 19 14:42:20 2001] [error] [client 213.237.151.6] Client sent malformed Host header [Thu Jul 19 14:57:39 2001] [error] [client 212.143.100.188] Client sent malformed Host header [Thu Jul 19 15:04:20 2001] [error] [client 24.180.67.233] Client sent malformed Host header [Thu Jul 19 15:15:22 2001] [error] [client 207.19.245.161] Client sent malformed Host header [Thu Jul 19 15:27:48 2001] [error] [client 208.209.130.77] Client sent malformed Host header [Thu Jul 19 15:29:13 2001] [error] [client 208.36.198.226] Client sent malformed Host header [Thu Jul 19 15:33:44 2001] [error] [client 24.128.137.218] Client sent malformed Host header [Thu Jul 19 15:52:24 2001] [error] [client 203.199.85.25] Client sent malformed Host header [Thu Jul 19 16:17:03 2001] [error] [client 141.149.209.129] Client sent malformed Host header [Thu Jul 19 16:23:33 2001] [error] [client 212.38.182.73] Client sent malformed Host header [Thu Jul 19 16:30:39 2001] [error] [client 160.75.71.14] Client sent malformed Host header [Thu Jul 19 16:38:20 2001] [error] [client 63.222.184.69] Client sent malformed Host header [Thu Jul 19 17:23:41 2001] [error] [client 211.167.112.172] Client sent malformed Host header [Thu Jul 19 17:48:50 2001] [error] [client 203.247.204.20] Client sent malformed Host header [Thu Jul 19 17:56:33 2001] [error] [client 210.145.14.61] Client sent malformed Host header [Thu Jul 19 18:19:19 2001] [error] [client 192.84.221.95] Client sent malformed Host header [Thu Jul 19 18:29:12 2001] [error] [client 61.151.248.21] Client sent malformed Host header [Thu Jul 19 18:34:47 2001] [error] [client 130.39.191.58] Client sent malformed Host header [Thu Jul 19 18:42:43 2001] [error] [client 200.39.125.195] Client sent malformed Host header [Thu Jul 19 22:29:21 2001] [error] [client 61.11.249.102] Client sent malformed Host header -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Made with pgp4pine 1.75-6 iEYEARECAAYFAjtYiUQACgkQF6Jgd5ZCDcRXxwCdHv/KBqZPxrhqC+iUHgYPT2tM CKUAn03tEiudX3+C3ZVh1TO4Pg4E/3FB =2aDA -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Jul 21 2001 - 14:40:57 PDT