Hi Steven,
This is trojan activity:
http://vil.nai.com/vil/content/v_136735.htm
Notifying the users might be a good idea as well. :-)
Pierre.
On 11/4/05, Glogger Steven S.Glogger@cybernet.ch wrote:
hi there
while analysing some bogus stuff i found out, that some strange requests where going to:
http://wm.maxysearch.info/cgi-bin5/repeaterm.fcgi?n=5&lastid= http://maxysearch.info/gallery20081/xpsystem/rxs.ini.php http://traff-store.com/gallery20081/xpsystem/rxs.ini.php
especially the first link is very interesting. it generates (random?) e-mail adresses and the spamming text...
and also some nonworking (anymore) links: http://maxysearch.info/gallery20081/xpsystem/rxs.ini.php http://clickonseek.com/gallery20081/xpsystem/rxs.ini.php http://www.student.ru.nl/markjansen/g2/bazooka.php?get=1&hostfile=1&... gnutella2&client=RAZA&version=2.2.0.0 http://twopi.no-ip.org/g2/bazooka.php?get=1&hostfile=1&net=gnutella2... ent=RAZA&version=2.2.0.0 http://rssfed23.angeltowns.com/g2/bazooka.php?get=1&hostfile=1&net=g... lla2&client=RAZA&version=2.2.0.0
what do you think about this? lets autogenerate filters? :-)
-steven _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog