|
Posted by Brion on September 26, 2007, 9:09 am
If you were Registered and logged in, you could reply and use other advanced thread options
> That comes from an automated scanner. Someone is trying to identify
> your web server (e.g., OS, Http server, PHP version, et cetera) and
> find vulnerabilities. Best to check that your web server is up-to-date
> and your PHP is patched.
>
> Regards,
>
> J Wolfgang Goerlich
>
>
> Related Links:
>
> [Dshield] What is thisdoesnotexistahaha.php?
> http://lists.sans.org/pipermail/list/2006-July/024862.html
>
> Cacti remote injection exploit
> http://www.freebsddiary.org/cacti-exploit.php
>
>> Hi everyone,
>> Recently we've started getting error messages similar to the
>> following:
>>
>> Source: W3SVC-WP
>> Event ID: 2216
>>
>> Description:
>> The script started from the URL '/thisdoesnotexistahaha.php' with
>> parameters
>> '' has not responded within the configured timeout period. The HTTP
>> server
>> is terminating the script.
>>
>> The particular .php script involved has a different name each time. If
>> I'm
>> reading this right, someone is trying to execute a php script somehow.
>> The
>> server does host some websites that use php, and it has PostgreSQL
>> installed
>> too. How are they attempting to execute a script? Via HTTP post? What
>> are
>> they trying to do? Even if they find one of the php files on the server,
>> what good would it do them to execute it? Any advice is appreciated.
>>
>> Thanks!
>
>
| 
XML site map