| 1 |
I got the following error this morning during my logwatch processing |
| 2 |
which I run daily and I would like to know if there is anything I can |
| 3 |
should do about it? Seems to me it could be serious, if someone has |
| 4 |
penetrated my server. |
| 5 |
|
| 6 |
A total of 4 possible successful probes were detected (the following |
| 7 |
URLs |
| 8 |
contain strings that match one or more of a listing of strings that |
| 9 |
indicate a possible exploit): |
| 10 |
|
| 11 |
/?f=../../../../../../../../../etc/passwd HTTP Response 200 |
| 12 |
/?file=../../../../../../../../../etc/passwd HTTP Response 200 |
| 13 |
/?filename=../../../../../../../../../etc/passwd HTTP |
| 14 |
Response 200 |
| 15 |
/?id=../../../../../../../../../etc/passwd HTTP Response |
| 16 |
200 |
| 17 |
|
| 18 |
|
| 19 |
Thanks in advance for any suggestions. |
| 20 |
|
| 21 |
-- |
| 22 |
Your life is like a penny. You're going to lose it. The question is: |
| 23 |
How do |
| 24 |
you spend it? |
| 25 |
|
| 26 |
John Covici wb2una |
| 27 |
covici@××××××××××.com |
Archives