Snort mailing list archives

possible exploit

From: Robert T Wyatt <robert.wyatt () mail utexas edu>
Date: Wed, 15 Feb 2006 02:08:05 -0600

It's possible that I wasn't logging at the moment this hit, but it didnot show up in my snort log and so I believe it was missed. I don't knowwhat it was after, but it doesn't look friendly to me.

60.10.38.189 - - [14/Feb/2006:22:20:03 -0600] "GET/level/16/exec/-///pwd HTTP/1.0" 404 346 "-" "-"



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

possible exploit Robert T Wyatt (Feb 15)
- RE: possible exploit Patrick S. Harper (Feb 15)
- Re: possible exploit Frank Knobbe (Feb 15)
  - Re: possible exploit Robert T Wyatt (Feb 15)
    - Re: possible exploit Robert T Wyatt (Feb 16)