unusual http access in proxy log

From: Martin K. Lee - XML Consulting <martin.lee(at)xmlconsulting.com.au>
Date: Thu Jan 23 2003 - 01:09:58 EST

 

All,  

While I was checking a client's proxy log file, I found thousands of http access from a few hosts to the follow URL: http://www.instituto.com.br/attackDoS.php?ver=01&task=newzad&first=1  

Has anyone seen this before? I did a search in google and it seems like it exists in quite a lot of proxy log.

Regards,
Martin K. Lee
Senior Consultant
martin.lee@xmlconsulting.com.au
PGP Fingerprint: DD34 4218 6D6E BB26 2D2C F596 DE8A 58A8 C128 BCD1

Disclaimer:
The information in this electronic mail message is private and confidential, and only intended for the addressee. Should you receive this message by mistake, you are hereby notified that any disclosure, reproduction, distribution or use of this message is strictly prohibited. Please inform the sender by reply transmission and delete the message without copying or opening it.

Messages and attachments are scanned for all viruses known. If this message contains password-protected attachments, the files have NOT been scanned for viruses by the XML Consulting mail domain.

Always scan attachments before opening them.

---

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Thu Jan 23 12:07:07 2003