Re: There is a strange get request header in all web pages of my site? I'm worry about Trojan attack!

[Henri Salo <henri () nerv fi>]

On Thu, Sep 08, 2011 at 09:51:42AM +0100, charlie () funkymunkey com wrote:
> That's isn't 'a' header, its a whole GET request and response. I'm
> assuming there is a bit of javascript that appears on every page of
> your site that makes the browser send this GET request. The best
> option would be to load up your website in a browser and look
> through the code or look through the code on the web server and find
> out where that request is coming from.
> At least you can be sure that nothing malicious is going on from
> your website as this request is met by a 404 meaning that the
> supposed malicious script does not exist.

No he should NOT go there using normal browser. If this is drive-by attack URL might get to be alive and he would get 
infected. At least I suggest him to disable javascript, but that might not help if URL is using other attack vector 
like vulnerability of PDF-reader or browser. I would like to investigate this issue, but I haven't received URL to the 
web-site even I requested it.

Best regards,
Henri Salo

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------