[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Anyone noticing an increase in IOS HTTP scanning?

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] Anyone noticing an increase in IOS HTTP scanning?
From: <nms@xxxxxxxxxxx>
Date: Thu, 1 Sep 2005 14:23:38 -0400

I have been getting at least 40 IOS HTTP Unauth Command Execution scans in the 
last 12 hours. Every one has come from a different source IP, but they are all 
located in Korea.

They are all trying to execute GET /level/16/exec/-///pwd HTTP/1.0 .

The stupid thing is, they are trying this on a bunch of web servers.

Has anyone else seen something like this? Before last night, there had never 
been one of these on this network.

Thanks.

Paul Smith

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Anyone noticing an increase in IOS HTTP scanning?
  - From: John Kinsella
- Re: [Full-disclosure] Anyone noticing an increase in IOS HTTP scanning?
  - From: Hugh Brown

Prev by Date: Re: [Full-disclosure] RE: Example firewall script
Next by Date: Re: [Full-disclosure] Anyone noticing an increase in IOS HTTP scanning?
Previous by thread: Re: [Full-disclosure] RE: Example firewall script
Next by thread: Re: [Full-disclosure] Anyone noticing an increase in IOS HTTP scanning?
Index(es):
- Date
- Thread