Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Gateway.dll?
From: QNT Beheer/NOC <beheer () qnt net>
Date: Tue, 20 Mar 2001 08:51:27 +0100
        Sorry if this one's totally obvious, it's Monday...



        Getting an awful pile of hits to http://64.4.13.172/gateway/gateway.dll
in my Squid logs... anyone see similar stuff?  It's coming from a couple
of extra IP's as well, same subnet tho... Is it just someone's ad
engine, or something worse?


Connected to 64.4.13.172.
Escape character is '^]'.
HEAD /gateway/gateway.dll

HTTP/1.1 400 Bad Request
Server: Microsoft-IIS/5.0
Date: Tue, 20 Mar 2001 07:44:04 GMT
X-MSN-Messenger: Session=close
Content-Length: 0
Content-type: application/x-msn-messenger

Microsoft messenger, from (at least) 64.4.13.171 to 64.4.13.177.
Just add an 'deny' acl to squid, and your employees will not be able to use
MSN chat anymore.

--------------------------------------------------------------------------------
Beheer/NOC QNT Internet                 QNT BV
beheer () qnt-internet nl                  http://www.qnt-internet.nl
P.O. 1116    - 8900 CC  Leeuwarden (NL)
Zaailand 94  - 8911 BN  Leeuwarden (NL)
--------------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
  • Gateway.dll? Drew Smith (Mar 19)
    • Re: Gateway.dll? QNT Beheer/NOC (Mar 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]