[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] weird activity
- Subject: Re: [cobalt-users] weird activity
- From: "Carrie Linn Bartkowiak" <ravencarrie@xxxxxxxx>
- Date: Mon Dec 18 12:47:00 2000
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> I was running some log reports on my RAQ2 today for one of the domains on
> there and came accross some strange activity. It seems that someone was
> keying in some URLs that I've never heard of. I can only assume that
he/she
> may have been trying some common exploits. Can anyone shed some light on
> this? Are these directories valid, and what do they do? Are these common
> exploit techniques?
> Thanks in advance!
>
> -Jesus
>
> 1 http:// www.domain.com/LMOID/resource/0,566,home-2958,00.html
> 2 http:// www.domain.com/main/channel/0,2,-tv,00.html
> 14 http:// www.domain.com/wwwboard/messages/97164.html 1
> 15 http:// www.domain.com/LMOID/mysnap/mysnap/0,160,0,00.html
> 16 http:// www.domain.com/main/door/0,1,home-home,00.html
> 14 http:// www.domain.com/wwwboard/messages/97164.html
Well, only you can tell us if these directories are valid. :)
It looks like you have a message board set up somewhere, and there are links
pointing to another message that isn't coming out correctly. Either that
message has expired, or been deleted, or the link is simply wrong.
With the LMOID thing, it looks like these are links where someone has
forgotten to put the full URL in, using http://... or again that they're
pointing to links on the site that are now dead.
The mysnap thing makes me think of the Snap! search engine; do you perhaps
have a webstats script installed that tells you the referring site? That
one looks like a link to the referring page - actually they all kinda look
like links to referring pages - where the beginning part of the referring
URL isn't being coded so the remainder of the link is being appended to your
domain.com.
Carrie Bartkowiak