RE: Strange scans

From: Ed Moyle (emoyleat_private)
Date: Mon Apr 15 2002 - 11:03:57 PDT

  • Next message: Andrew Daviel: "Re: <victim>server formmail.pl exploit in the wild"

    > It's fairly obvious they were looking for IIS and other vulnerabilities,
    > but why does "GET http://www.microsoft.com/ HTTP/1.0" appear in it?
    
    Looks like it is testing to see if you are a proxy server...
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Mon Apr 15 2002 - 12:33:17 PDT