: Unusual autoindex-like commands In looking at my logs, I get many GET requests aimed at a directory with what appear to be auto-index parameters. Stuff like ?C=M or ?O=A. I understand those.
In looking at my logs, I get many GET requests aimed at a directory with what appear to be auto-index parameters. Stuff like ?C=M or ?O=A. I understand those.
But I also get many requests with ?N=D, ?M=A, ?N=A, ?C=S, ?D=A. I don't have a clue what those mean. Is there some complete list of these commands that describes what they do? On my system, they just throw the requester to my index.html file. What are these requesters trying to do?
httpd.apache.org/docs/2.2/mod/mod_autoindex.html just gives a few of them.
More posts by @Kaufman445
1 Comments
Sorted by latest first Latest Oldest Best
Simple. It is likely hackers are landscaping your site to discover what software you use and ultimately figure out what vulnerabilities exist within your site to take advantage of later. I would block these domain names and IP addresses as quickly as possible. Often, these are systems that have been compromised, proxy servers, or (rarely) a hacker directly and therefore can come from anywhere even sites that look legitimate. Keep in mind that these domain names and IP addresses can change often and there can be several of them. Also know that the hack attempts often do not come from the same domain names or IP addresses. Hackers will landscape then hack later. But depending upon the code, the hack and landscape can come from the same machines. You have to be on your toes.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.