Re: [SLUG] Probes of SLUG Site?

From: steve szmidt (
Date: Wed Apr 05 2006 - 00:31:04 EDT

On Wednesday 05 April 2006 00:16, Paul M Foster wrote:
> I need someone more expert in security than me, perhaps someone at NKS,
> since the SLUG site is hosted there. I'm seeing what appear to be
> "probes" of the SLUG site. Someone is going to (for example) the
> volunteer page, and filling out the form. A typical example is as follows:

Looks like a cross site request forgery.

Since a browser does not know what to expect when it hits a web site it will
collect what is being offered. They are trying to have Your computer go to
their website and pickup something. Possibly a root kit.

If you use php make sure it has been locked down properly.


Steve Szmidt

"For evil to triumph all that is needed is for good men to do nothing. Edmund Burke ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:31:28 EDT