-- OM-- From: "Remko Lodder" <remkoat_private> Subject: Re: [security-elvandar] "access_log?hello" ? > I dont recognise this as a particular script that is running against > your host. > Although it could be a custom made script that just sends a lot of > characters (or a lot of hello's) > to your host, trying to overflow it. > > My best guess is that it's the overflow option, > But i am interested now.. so when anyone else has a opinion... An Overflow to accomplish what? I see no shellcode in that string, Other then crashing the web server on the other end, what could be its use? Could It be a tool to look in the log files of webservers for previous compromises? http://www.analog.cx/ creates the product that makes the logs in the /logs/active/ I see no mention of any compromises in thier site. Sal --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Mon Jul 28 2003 - 09:58:52 PDT