On Mon, 04 Oct 2004 16:10:45 +0100, Roy Schestowitz
<newsgroups@schestowitz.com> wrote:
>What is that M$ garbage?
There's a whole family of attacks against web servers, and it looks
like you're being probed.
If you're running FPSE, then for every directory "foo" there's a
foo\_vti_cnf\ beneath it. By guessing at the existence of this, and
guessing that it contains various bits of M$oft binary crudware
(because many servers do) then a script can make an automated attack
on your server and many others too. It nearly always fails, but it's
a very easy probe to test for - and they only need to catch a handful
of vulnerable servers.
You might like to watch the IP ranges that are doing this, maybe block
them.
|