Re: Comcast.net abuse contact?

From: Tom Laermans (tom.laermansat_private)
Date: Wed Jan 16 2002 - 13:06:42 PST

  • Next message: David Worth: "Re: nasty tripwire report"

    At 18:24 16/01/2002, you wrote:
    
    >Once in a while I get weird stuff where they ask for a remote webserver:
    >
    >61.170.140.72   [24/Dec/2001:21:06:09 -0800] "GET http://www.s3.com/
    >200.83.32.13    [26/Dec/2001:20:49:16 -0800] "GET http://www.google.com/
    >217.168.67.121  [01/Jan/2002:00:50:45 -0800] "GET http://www.s3.com/
    >218.21.77.29    [03/Jan/2002:20:58:16 -0800] "GET http://www.yahoo.com/
    >61.142.242.236  [14/Jan/2002:10:09:45 -0800] "GET http://www.spedia.net/
    >
    >Anyone know what's up with that?
    
    People are testing to see if your webserver can be used as a proxy... (to 
    make them more anonymous)
    
    I've had the same requests..
    
    Tom
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Wed Jan 16 2002 - 15:49:32 PST