LabVIEW

G web server and hackers

Hello, I do some web hosting with the G Web server.  Occasionally, I'll look at the log and see if any odd requests come through.  I found this one today:
 
8/2/2006 11:19:00 PM: 209.197.58.66 - "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1"
 
I browsed to this link, and the G web server redirected it to the home page (the one with all the NI links and tutorials).  So G webserver must understand the request.  I did some googling and found that this is some sort of hacker trick.   Does anyone have any thoughts on how to handle this? 
Thanks,
Pat
0 Kudos
Message 1 of 3
(2,837 Views)
It's a scanner. Normally it looks for PHP-related files. I think it's pretty safe to ignore. You could always block the IP and report the incident to the ISP of the offender.
http://isc.sans.org/diary.php?storyid=900
http://isc.sans.org/diary.php?storyid=591

Edit: changed links to clickable

Message Edited by LittlemanTAMU on 08-03-2006 06:32 PM

Message 2 of 3
(2,817 Views)
Thanks. I was worried because G Web server knew how to handle the request (rather than just generating an error). But it looks like this is a PHP hacking attempt, and all of my server scripts are VIs. Thanks again.
Pat
0 Kudos
Message 3 of 3
(2,795 Views)
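For anyone reviewing a G Web Server log for the same probe, the following is an added example (not part of the original thread and not NI code) that parses lines in the layout of the entry quoted in message 1 and groups DFind scanner requests by source IP, which gives the list needed for blocking or for an abuse report. The log layout is inferred from that single quoted line, the month/day/year date order is an assumption, and every sample line except the first is constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Layout inferred from the one entry quoted in the thread (assumption):
#   8/2/2006 11:19:00 PM: 209.197.58.66 - "GET /path HTTP/1.1"
LOG_LINE = re.compile(
    r'^(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M): '
    r'(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) - '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) (?P<proto>HTTP/\d\.\d)"\s*$'
)

# Request path sent by the scanner, as it appears in the thread's log entry.
DFIND_PREFIX = "/w00tw00t.at.ISC.SANS.DFind"


def parse_line(line):
    """Return a dict for one log line, or None if it does not fit the layout."""
    m = LOG_LINE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    # Month/day/year order is assumed from the thread's dates.
    rec["ts"] = datetime.strptime(rec["ts"], "%m/%d/%Y %I:%M:%S %p")
    return rec


def find_scanner_hits(lines):
    """Map each source IP to the timestamps of its DFind probe requests."""
    hits = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["path"].startswith(DFIND_PREFIX):
            hits[rec["ip"]].append(rec["ts"])
    return dict(hits)


# Constructed sample: line 1 is the thread's entry, the rest are made up
# (192.0.2.x and 198.51.100.x are documentation address ranges).
SAMPLE_LOG = """\
8/2/2006 11:19:00 PM: 209.197.58.66 - "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1"
8/2/2006 11:25:13 PM: 192.0.2.10 - "GET /index.htm HTTP/1.1"
8/3/2006 2:04:51 AM: 198.51.100.7 - "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1"
8/3/2006 2:04:52 AM: 198.51.100.7 - "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.0"
this line is not a request entry
"""

if __name__ == "__main__":
    for ip, times in sorted(find_scanner_hits(SAMPLE_LOG.splitlines()).items()):
        print(f"{ip}: {len(times)} probe(s), first {min(times)}, last {max(times)}")
```

Lines that do not fit the assumed layout are skipped rather than raising, so the same function can be run over a whole log file that mixes request entries with other messages.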