My Blog List

  • end of life - Good morning, as you may have already found out, the posts on this blog have been getting less and less. This is caused by the fact that my two honeypots h...
    10 months ago

Wednesday, 27 May 2015

SendMeSpam: That's new: allcfgconf attack seen in the wild

SendMeSpam: That's new: allcfgconf attack seen in the wild: According to my last log files from yesterday, there was an attack which included an allcfgconf statement  beeswarm [mypyfwa] 2015-05-28 0...

Tuesday, 26 May 2015

SendMeSpam: Introducing IBM X-Force Exchange

SendMeSpam: Introducing IBM X-Force Exchange: Several weeks ago IBM launched their X-Force Exchange web interface. Basically, the idea behind this is to have a collaboration platform whe...

Monday, 11 May 2015

SendMeSpam: "Case study. Please bear with us. Thank you." Inje...

SendMeSpam: "Case study. Please bear with us. Thank you." Inje...: Tonight several attempts have hit my system  46.151.212.26 - - [12/May/2015:01:31:28 +0200] "GET /cgi-bin/ HTTP/1.0" 408 519 "...

Wednesday, 6 May 2015

SendMeSpam: PHP injection attacks (encoded url analyze)

SendMeSpam: PHP injection attacks (encoded url analyze): I adjusted my analysing script to now do a length count of the request. The reason was an ongoing attack which tried to inject url encoded code i...

SendMeSpam: China.Z still out there

SendMeSpam: China.Z still out there: I am still seeing China.Z malware or variants hitting the system on a regular basis (1 to 4 each night). All attack vectors look the same, o...

Sunday, 3 May 2015

SendMeSpam: Trojan.Perl.Shellbot-2 injection

SendMeSpam: Trojan.Perl.Shellbot-2 injection: Last night I had another 30 lines of tried shell code injection and the download of malware. 194.176.119.86 - - [02/May/2015:21:14:23 +02...