|
At 11:16 12/04/2002, Jim Franz wrote:
just for fun - this is an automated script attack against port 80 http server. Took 6 seconds) I get 10-20 a day from different ip's. All automated.
I recently opened up port 80 on my firewall for a short term project, and I was seeing that kind of thing routinely in the Apache error logs. It didn't hurt anything because I'm running Linux, but it got me interested. I wrote some code to filter out the uninteresting messages (mostly just ignore netbios on port 137 - thanks again Bill). I haven't had any epiphanies yet, but there are definite patterns to it. It's kinda like listening to one of those recordings of whale songs from thousands of miles away. Lots of activity from Kazaza and Bearshare/Gnutella networks, which is a little scary, but so far usually not too excessive. Lots of strange things, like hits from eastern Europe, looking for a TFTP server. I'll bet their boot-up times are llloooooong. Pete Hall pbhall@ameritech.net http://www.pbhall.us/
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.