1 |
I got the following error this morning during my logwatch processing |
2 |
which I run daily and I would like to know if there is anything I can |
3 |
should do about it? Seems to me it could be serious, if someone has |
4 |
penetrated my server. |
5 |
|
6 |
A total of 4 possible successful probes were detected (the following |
7 |
URLs |
8 |
contain strings that match one or more of a listing of strings that |
9 |
indicate a possible exploit): |
10 |
|
11 |
/?f=../../../../../../../../../etc/passwd HTTP Response 200 |
12 |
/?file=../../../../../../../../../etc/passwd HTTP Response 200 |
13 |
/?filename=../../../../../../../../../etc/passwd HTTP |
14 |
Response 200 |
15 |
/?id=../../../../../../../../../etc/passwd HTTP Response |
16 |
200 |
17 |
|
18 |
|
19 |
Thanks in advance for any suggestions. |
20 |
|
21 |
-- |
22 |
Your life is like a penny. You're going to lose it. The question is: |
23 |
How do |
24 |
you spend it? |
25 |
|
26 |
John Covici wb2una |
27 |
covici@××××××××××.com |