I'm getting some weird web requests coming in on my Home cablemodem setup. [Fri Nov 30 16:18:52 2001] [error] [client 207.33.111.32] Invalid method in request HEAD%00 /%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20gtkcaqcekiihoj/../../index.html%3fnbjkky ckfxc=/../ieielkyazjrtlwamehemlerzayxgxvshosamhlrfjqkjvbqrxjplsmluohplapryys tkumldtrqimmjmqogynifwwlnghjwkiirvfjkdvlvyuxjieadymlsumvriicklndjvrekdlrbbma sqkqfrsigboccwpmrozdodezsewfwuesvjobkbhfpbivuydpjsjdylaelsdlrvpdwwjfjrzchnbn orjohiaxkosvwvlhsivmookdpoxzdylpcvwhktyjlgbvnxxxpucgtatvffnbxzevjyowjmhwisjo bivqumhqunmmwsusmzgwumatzyfqcgxcnpnnmtllsqpsfpyflwhifgtlltnhjbfixauobptbsnnh hhvxlfxtpnejibvzpgbhcabumjhgyrxmksemempmekharvoeqcnokdfnykfebmvlfepynnxlttls qcwpdhrmuvrxqxfdyfuplikvotraksbaxmdgriuthcnxvsclrgwitqpramguvjgkbzjwtklkwflw pfzbuamezliqnahffxzwqumvkhinpyorhgfnqwjqrbrptralicwqttbsyalzukwnirxlbebeeayw tvfxgbyampcxrkzqyvyvfbmcszbivnmpobahjrjrvhbvkotleeqavpfiprztpcatbjkqvgljlqyn nxeqfqbphupugppdfazicmmpdjnkriykseezfxgrqeyffdilrertefbstylsafhshymcmwoployb uetdfqxzqpjfdvjfemqamllabtcbuwivxnhqfaxxmgkltczflexpuwczvpfwrcaeebivowkxkqnl zogwaispoofhkohrdepqmfyxbiibubgjercdmbwcpsteevfdgyjfjmgmimwiitljjxktildiqzyi cojlprcktfhdctppmmndsrzxytlgrgsjxesmxxopvegpufnlnpbzfzsiuutaqbcmjajubsyfkwjj khxxbmgdvaxfpnzzddmsievmpqwhpmlbzwrbzhebsazairqhzdmsuhgfznlhmaalgqujncobpfkb sruugcjpfkblvpmlkbknxpnjqajkwuxtsxpntbzyzuefdktlaunmflgknsujdxwuomlylgvefdxp kdjjofizqooueinjmjjkpzwwnnosifminfffwuakttyvkeallovlybecfjrnoerzybqdubqpheia ltcgwpqcsnqqkbbfssrceidgkkktkaxcuulqyzbqmuslglcjvyhacjtgnhgjiyjhitpsipeagibm pddtfunvygerjsmfcyirnxghfsiexikoeljymetumaqvrzompigdkpbsuyjpiqdytgczjswhyqmp sgwtbxndmjmphaykxwdlprvtonihekpyxrobcbmbyccgjdpitrnjxvysiozpkafmtsnpmerhoifl xrpprrqcozngamqgirwr/.././%57%57%57%54%48%52%45%41%44%53/./ HTTP/1.0 [Fri Nov 30 16:18:53 2001] [error] [client 207.33.111.32] Invalid method in request HEAD%00 /%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20fbdfhahodcqrxrdx/../../index.html%3fyfbw kypspvxcjaesb=/../zyzxzkvdcjvitalrnfnvmknpdgmvugvvcehhxstixtcgjpictmqwchjtre jgtjbgzqgabwknksanesgsgvbzchknxbkejcvktxunxkaghsktvgswhzpwgaprlhdbinbekurawe zutzkimuyxlqykbdnqiduyuviguqhxvzbwnpdgykmhhthsufdkddxdzrhkoskosjnlmlbjjsgvlh yrvymbdmzxmwnqhmlqiiacqkcgvmuwkxpawkuedzcexfsgjwajdbuxwelmrolhumlqrmuihwfdui bcmyxtunsdaxrzehyccnbyuptgcohayudbxociefbmhathmigiilkfpgkxrktetvvztjvnqoroqo qnilawukypqitvlqknkizkdrgmjrxwulynjxbplaevlnhpxxeqbgysqcezvkxuvefrxhjqnfocvy xycwfpnfwfeeknbyylisvugkwfiwjrypqdrcscnwexunftvounkqwnpkqlowofdgytnocugulxdo vhwzsurtcuicmjzgmismskycbxflvrlmedzpwapnytucewbdtjxwbsuhxteajwzrtkttzphfjolz taryvpowbgrohxsultfvrmgweoyswlspnpngddpckkbfhtiowdglhpvdvjezyrpdjzxsuflfzqmx pkgffzttwdqbtfautwhniplihtsurqvkbmrcszmvcqvurnqimroemitrbkcjhmabbnkgribsuhzv pbmciczogfmhglypzfwnhmdxijoudqqocrfopthszjqjwjimczqddugshntcwoajdongajozywtb lzvwoakxhlmdgqibblgfdegaknsvywodsuiqjepugdoozauvtvcpfhnsvsxkoxswnvmyojprtybu vhusrtmrwxvngwhkmtpejlwhydtwqrtpubgkoztfrrfftnkeyqvqxgxxhjfqkyebhfopmpmgeizz umqyjdqrzfomqocafmnjazmqdnrfrqzjrockcnliybfkhurqezktrzueyrzebsyabfrumumjnvai cfyrqrekytmwdxvjqgjgmjntdfmplskqoyuarngjunpdfwehbmigaavtnfndxponhlbwngmwubab budlirwyuirsgxycgmwmezvwdwbgvdcjblvnxaubupfiwvzoanvequqpxmehkiasdkrvstvwzdbm voyilcidosccqzvvljtijdzdednwmbkfgbrmbhauzkkygnpcfccapsdkdjvkzqigvwfhazslxyed oxnjizzdpywlpoudrjbsxhnykirrlagnivhdirexhpjclsuxxfunliydfpmirxhmdfvcfizbrgmi owxagwopwokxiyhjqnkkgjoepazlugufcwznmxiugszvvtsnijryqonuysksckagodfuypgfhhxk smaykgvcurxyfkiznoulquvhgwfyijrczxfnswzytvqdiepzwoeekxewzvxxyeard/.././%50%4 8%50/./ HTTP/1.0 [Fri Nov 30 16:18:53 2001] [error] [client 207.33.111.32] Invalid method in request HEAD%00 /%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20hbjeqftxsuodwd/../../index.html%3fqoatfp kbwzljzpsr=/../tccpzrngfnaopxuhkjqgecegxltihxrvqqgivxjfanillatnmkwzssruimupl jbfjmfglgguflyquftjtlvrgrvpeezwcrsvyrnwusiejvvzxbawzzafisnjvupcjmqcgnnzclsid wuvegyspdynrmgwjaabrvycqsvflfaqwqvbbwhwheayikpeityqhhbwkrebdprrfunpkassazjks bjbljccayukcunsltcsfcisvczdmllbhakvdhjpwvwcyhcwtrrfympomnyqhgrwxfrmdfgwzurqy etwhonzqhhkutwtsfbnkommwwnrjnqdydsrhqkfpppkgarcmbgreqhttsqwtamcydzyikwllggmj ymjdwmejkqgnokvwqzikzyqhtzasenmzuwrermkdmoqwjwukvyemykcwggmloirclztortqiinta jvjsydfoilkbirsdufhtjhtbnwhndwmrcuxdoqftehkyuarnievievwmppswzikybdngriowvpzw nqoqyxmtjjyrputlwdjzhtnysfyhdmvfxfpgobsrdszabqmvwdckrtasqydfoljozytxoeyrlmmm usekbnvkuoqwpaajyseilchllqpesopqsaaaltaqzqpppzqcucvolxojfzptqghfzelnfbafsjof zivwwbxvsxporytpnpicsoqevafbtlphveckdzumcxqybdkeckdldrjavbimfzhbemdlriaomspk xdcfztfcbkwhspqfzlohwqmvajljjmertfjhgmphbdsnuzkqdpxjhcumsadomgkhvccbclurgesq qjjffgomwssmmfsjlyoeigognydawhawstmwenyxoeyelskjbiaxfmibjhjvxfqgifabphqprrfz bhucyzcrahbhyjifdbdzkgfizbviurmsczmbfoxbuyqxglqxbvtlmjcuvssefygjupodmsmvkjfa peronpmpnvypgsqkcysqzrbissmguficzjtiukhuzphkthqpvdxlaechpcafgvnpxdxpdpiksdjm nsvbvcmdveejitbhovacgtjdvswrrclnpvgbfgqjvmlyovtkihjgoujatzxrnomtlstsgjpddzlm trjvawvfvwvvhdkjkjboyoedatwrcfqqmzpkvnymnxubgswmmmmrfhfnqoupgmqwiyepifaexrra xxedtqvypeoxbuxikduwcmfottmanahslgtfuikndbkswubebhxaihtcsuddpcapafdrxrremxwj wppkzmhmtmlwzouaqpbxyhaizwzkoxptaejbolihyabwvtnsssdwryyknanjlxrtviwvobonfews xudnndzdnilfqwsguaguexoulkoxeurjxampbxfsecqoxhbsruhlkqhsidlchxrctp/.././%4d% 4c%4f%47%2e%50%48%54%4d%4c HTTP/1.0 It doesn't look like codered/nimda so what could it be? and whats it trying to do? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Nov 30 2001 - 11:43:17 PST