×

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.



  1.  Home
  2. WEB400
  3. February 2003

Re: Revenge?

The only trend in the addresses these attempts are coming from is that,
in general, they're from the same subnet, or otherwise fairly close. I
suspect it's other Comcast customers searching nearby IP addresses for
openings. It really doesn't bother me.

As far as "having fun" goes, I was hoping that I could redirect that
request to a porn site or something, inflicting endless pop-ups on the
offending end, but didn't really think that would work since it's
unlikely there's a browser on their end.

Since someone mentioned it, besides PTF issues, where would I find a
list of items to check to ensure I don't have any Apache
vulnerabilities?

Z

> -----Original Message-----
> From: Eyers, Daniel [mailto:daniel.eyers@xxxxxxxxxxxxx]
> Sent: Friday, February 28, 2003 8:51 AM
> To: 'Web Enabling the AS400 / iSeries'
> Subject: [WEB400] Re: Revenge?
> 
> 
> Is the traffic coming from the same source IP???  perhaps 
> some firewall rules may be in order...
> 
> Does the 400 have anything like the hosts.deny file in Linux?  
> 
> dan
> 
> 
> -----Original Message-----
> From: Jim Franz [mailto:franz400@xxxxxxxxxxxx]
> Sent: Thursday, February 27, 2003 2:42 PM
> To: Web Enabling the AS400 / iSeries
> Subject: [WEB400] Re: Revenge?
> 
> 
> if you re-direct back to the sender, and the sender has no knowledge
> of these (like smtp-relay) you will be seen as "attacking" 
> their server.
> Some would say this is ok, but if lawyers & law enforcement get
> involved.....?
> No hacker (except the truly stupi# (unaware)) ever send an attack from
> their own pc.
> and btw - make sure you have no known Apache vulnerabilities 
> unpatched..
> imho
> jim
> 
> ----- Original Message -----
> From: "Metz, Zak" <Zak_Metz@xxxxxx>
> To: "Web Enabling the AS400 / iSeries" <web400@xxxxxxxxxxxx>
> Sent: Thursday, February 27, 2003 2:13 PM
> Subject: [WEB400] Revenge?
> 
> 
> > Every couple minutes in the Apache log...
> >
> > /WWW/Distortion/htdocs/scripts/root.exe
> > /WWW/Distortion/htdocs/MSADC/root.exe
> > /WWW/Distortion/htdocs/c/winnt/system32/cmd.exe
> > /WWW/Distortion/htdocs/d/winnt/system32/cmd.exe
> > /WWW/Distortion/htdocs/scripts/..
> > /WWW/Distortion/htdocs/scripts/..A?../winnt/system32/cmd.exe
> > /WWW/Distortion/htdocs/scripts/..A ../winnt/system32/cmd.exe
> > /WWW/Distortion/htdocs/scripts/..
> >
> > Is there any fun to be had redirecting these hack attempts?
NOTICE: This E-mail may contain confidential information. If you are not
the addressee or the intended recipient please do not read this E-mail
and please immediately delete this e-mail message and any attachments
from your workstation or network mail system. If you are the addressee
or the intended recipient and you save or print a copy of this E-mail,
please place it in an appropriate file, depending on whether
confidential information is contained in the message.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.