On 1 Sep 2001, Soeren Ziehe wrote: > > There was an attempt to use a formmail perl script installed on our > server from a non-local address. > > A quick grep trough our weblogs for this month and back to the beginning > of this year revealed a ton of requests for the 20th this month and a > few requests on the 11th, 23th, 27th and 29th. > <SNIP> > > IF you've stayed with me until here. Has anyone seen the same access > attempts patterns/tool signatures? Yes, it's been on-and-off our top 5 for some time now: http://aris.securityfocus.com/ Ryan ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Sep 03 2001 - 14:27:07 PDT