[Logwatch-Devel] LogWatch for machine

Paweł Gołaszewski blues@ds.pg.gda.pl
Wed, 10 Dec 2003 07:58:13 +0100 (CET)


Hello,

Who is interested into that kind of entries? I don't know how to clasify 
them (exploit/overflow attempt?).


---------- Forwarded message ----------
Date: Wed, 10 Dec 2003 04:02:29 +0100
[...]
 --------------------- httpd Begin ------------------------ 


A total of 8 unidentified 'other' records logged
  GET /minitri.flg HTTP/1.0 with response code(s) 404 404 404 404 404 404 404  
  \x9a\xd8\xe3\x92^;09\x88\x16 \t with response code(s) 501  
  \x17\xd9[`\xd0\xd2\xbb\xfb\x03\b\x81! with response code(s) 501  
  GET /livetri.zip HTTP/1.0 with response code(s) 404 404 404 404 404 404 404 404  
  HEAD /v4/iuident.cab?0312091205 HTTP/1.1 with response code(s) 404 404 404 404  
  GET /wutrack.bin?U=557b94ca7e61c24cb2ba4642312243d0&C=au&A=s&I=&D=&P=5.1.a28.2.100.1.0&L=pl-PL&S=f&E=80072733&M=ver%3D5.4.3630.1106&X=031209120532828 HTTP/1.1 with response code(s) 404 404 404 404  
  GET /v4/iuident.cab?0312091205 HTTP/1.1 with response code(s) 404 404 404  
  \xb7\x86\xa0rqTL\xfb\x0c\x02\x03/ with response code(s) 400  

 ---------------------- httpd End ------------------------- 
[...]

-- 
pozdr.  Paweł Gołaszewski 
---------------------------------
worth to see: http://www.againsttcpa.com/
CPU not found - software emulation...