tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From DIGLLOYD INC <digllo...@diglloyd.com>
Subject Re: hackers sending long URLs to probe site?
Date Thu, 01 May 2008 02:49:38 GMT
It's certainly something nefarious...one of my paths contains  
"diglloyd/free", and I see URLs containing 100 or 200 of that string  
repeated...

On Apr 30, 2008, at 1:58 PM, David Delbecq wrote:

> DIGLLOYD INC a écrit :
>> Christopher,
>>
>> Thank you.  This is helpful.  Sorry about the "hijacked thread", I  
>> didn't think of that.
>>
>> Yes, I've double-checked that my site isn't generating the bad  
>> links. It's all static HTML and I've searched for any duplications,  
>> "../../" type things, etc. I don't currently generate any URLs, and  
>> the sheer length of the duplication rules out any basic mistakes in  
>> static html.
>>
>> I have directory indexes turned off, confirmed by seeing 404 codes  
>> on certain directories in which I don't have index files  
>> (intentionally).
>>
>> Lloyd
> A bit late to respond, but it might also be a worm infected computer  
> trying to probe your server to check if it can be used as an attack  
> vector. However, am more used to worms checking for urls containing  
> cmd.exe, which probes for security holes in IIS.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>

Lloyd Chambers
http://diglloyd.com

[Mac OS X 10.5.2 Intel, Tomcat 6.0.16]





---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message