Re: evil script in server logs (Heads Up)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Daniel Brown wrote:
    Yeah, honestly I wasn't sure if it was an injection attack or if
those URLs were referrers in the logs.
If you hit the first URL ( http://www.vesprokat.ru/n ) with, say lynx, you get that script coming up. So it could've been referral hits. Which could mean the remote host is already infected and is now looking for more targets.

--
W | It's not a bug - it's an undocumented feature.
 +--------------------------------------------------------------------
 Ashley M. Kirchner <mailto:ashley@xxxxxxxxxx>   .   303.442.6410 x130
 IT Director / SysAdmin / Websmith             .     800.441.3873 x130
 Photo Craft Imaging                       .     3550 Arapahoe Ave. #6
http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux