Security Incidents mailing list archives

Strange Web requests.


From: "Geoffrey King" <gking () evildomain dyndns org>
Date: Fri, 30 Nov 2001 16:01:12 -0000

I'm getting some weird web requests coming in on my home cable modem setup.


[Fri Nov 30 16:18:52 2001] [error] [client 207.33.111.32] Invalid method in
request HEAD%00
/%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20gtkcaqcekiihoj/../../index.html%3fnbjkky
ckfxc=/../ieielkyazjrtlwamehemlerzayxgxvshosamhlrfjqkjvbqrxjplsmluohplapryys[...].././%57%57%57%54%48%52%45%41%44%53/./ HTTP/1.0
[Fri Nov 30 16:18:53 2001] [error] [client 207.33.111.32] Invalid method in
request HEAD%00
/%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20fbdfhahodcqrxrdx/../../index.html%3fyfbw
kypspvxcjaesb=/../zyzxzkvdcjvitalrnfnvmknpdgmvugvvcehhxstixtcgjpictmqwchjtre
jgtjbgzqgabwknksanesgsgvbzchknxbkejcvktxunxkaghsktvgswhzpwgaprlhdbinbekurawe
zutzkimuyxlqykbdnqiduyuviguqhxvzbwnpdgykmhhthsufdkddxdzrhkoskosjnlmlbjjsgvlh
yrvymbdmzxmwnqhmlqiiacqkcgvmuwkxpawkuedzcexfsgjwajdbuxwelmrolhumlqrmuihwfdui
bcmyxtunsdaxrzehyccnbyuptgcohayudbxociefbmhathmigiilkfpgkxrktetvvztjvnqoroqo
qnilawukypqitvlqknkizkdrgmjrxwulynjxbplaevlnhpxxeqbgysqcezvkxuvefrxhjqnfocvy
xycwfpnfwfeeknbyylisvugkwfiwjrypqdrcscnwexunftvounkqwnpkqlowofdgytnocugulxdo
vhwzsurtcuicmjzgmismskycbxflvrlmedzpwapnytucewbdtjxwbsuhxteajwzrtkttzphfjolz
taryvpowbgrohxsultfvrmgweoyswlspnpngddpckkbfhtiowdglhpvdvjezyrpdjzxsuflfzqmx
pkgffzttwdqbtfautwhniplihtsurqvkbmrcszmvcqvurnqimroemitrbkcjhmabbnkgribsuhzv
pbmciczogfmhglypzfwnhmdxijoudqqocrfopthszjqjwjimczqddugshntcwoajdongajozywtb
lzvwoakxhlmdgqibblgfdegaknsvywodsuiqjepugdoozauvtvcpfhnsvsxkoxswnvmyojprtybu
vhusrtmrwxvngwhkmtpejlwhydtwqrtpubgkoztfrrfftnkeyqvqxgxxhjfqkyebhfopmpmgeizz
umqyjdqrzfomqocafmnjazmqdnrfrqzjrockcnliybfkhurqezktrzueyrzebsyabfrumumjnvai
cfyrqrekytmwdxvjqgjgmjntdfmplskqoyuarngjunpdfwehbmigaavtnfndxponhlbwngmwubab
budlirwyuirsgxycgmwmezvwdwbgvdcjblvnxaubupfiwvzoanvequqpxmehkiasdkrvstvwzdbm
voyilcidosccqzvvljtijdzdednwmbkfgbrmbhauzkkygnpcfccapsdkdjvkzqigvwfhazslxyed
oxnjizzdpywlpoudrjbsxhnykirrlagnivhdirexhpjclsuxxfunliydfpmirxhmdfvcfizbrgmi
owxagwopwokxiyhjqnkkgjoepazlugufcwznmxiugszvvtsnijryqonuysksckagodfuypgfhhxk
smaykgvcurxyfkiznoulquvhgwfyijrczxfnswzytvqdiepzwoeekxewzvxxyeard/.././%50%4
8%50/./ HTTP/1.0
[Fri Nov 30 16:18:53 2001] [error] [client 207.33.111.32] Invalid method in
request HEAD%00
/%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20hbjeqftxsuodwd/../../index.html%3fqoatfp
kbwzljzpsr=/../tccpzrngfnaopxuhkjqgecegxltihxrvqqgivxjfanillatnmkwzssruimupl
jbfjmfglgguflyquftjtlvrgrvpeezwcrsvyrnwusiejvvzxbawzzafisnjvupcjmqcgnnzclsid
wuvegyspdynrmgwjaabrvycqsvflfaqwqvbbwhwheayikpeityqhhbwkrebdprrfunpkassazjks
bjbljccayukcunsltcsfcisvczdmllbhakvdhjpwvwcyhcwtrrfympomnyqhgrwxfrmdfgwzurqy
etwhonzqhhkutwtsfbnkommwwnrjnqdydsrhqkfpppkgarcmbgreqhttsqwtamcydzyikwllggmj
ymjdwmejkqgnokvwqzikzyqhtzasenmzuwrermkdmoqwjwukvyemykcwggmloirclztortqiinta
jvjsydfoilkbirsdufhtjhtbnwhndwmrcuxdoqftehkyuarnievievwmppswzikybdngriowvpzw
nqoqyxmtjjyrputlwdjzhtnysfyhdmvfxfpgobsrdszabqmvwdckrtasqydfoljozytxoeyrlmmm
usekbnvkuoqwpaajyseilchllqpesopqsaaaltaqzqpppzqcucvolxojfzptqghfzelnfbafsjof
zivwwbxvsxporytpnpicsoqevafbtlphveckdzumcxqybdkeckdldrjavbimfzhbemdlriaomspk
xdcfztfcbkwhspqfzlohwqmvajljjmertfjhgmphbdsnuzkqdpxjhcumsadomgkhvccbclurgesq
qjjffgomwssmmfsjlyoeigognydawhawstmwenyxoeyelskjbiaxfmibjhjvxfqgifabphqprrfz
bhucyzcrahbhyjifdbdzkgfizbviurmsczmbfoxbuyqxglqxbvtlmjcuvssefygjupodmsmvkjfa
peronpmpnvypgsqkcysqzrbissmguficzjtiukhuzphkthqpvdxlaechpcafgvnpxdxpdpiksdjm
nsvbvcmdveejitbhovacgtjdvswrrclnpvgbfgqjvmlyovtkihjgoujatzxrnomtlstsgjpddzlm
trjvawvfvwvvhdkjkjboyoedatwrcfqqmzpkvnymnxubgswmmmmrfhfnqoupgmqwiyepifaexrra
xxedtqvypeoxbuxikduwcmfottmanahslgtfuikndbkswubebhxaihtcsuddpcapafdrxrremxwj
wppkzmhmtmlwzouaqpbxyhaizwzkoxptaejbolihyabwvtnsssdwryyknanjlxrtviwvobonfews
xudnndzdnilfqwsguaguexoulkoxeurjxampbxfsecqoxhbsruhlkqhsidlchxrctp/.././%4d%
4c%4f%47%2e%50%48%54%4d%4c HTTP/1.0


It doesn't look like Code Red/Nimda, so what could it be? And what's it trying
to do?


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
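
A log-triage example for entries like the ones quoted above, added here and not part of the original message: it percent-decodes the logged request, flags the obfuscation layers, and collapses the dot segments to show the path the sender was actually probing. It assumes each log entry is on one line (the mail wrapped them); the sample line is constructed, with the random padding shortened.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed sample: one entry shaped like those in the post, unwrapped onto a
# single line and with the long random padding shortened.
SAMPLE = (
    "[Fri Nov 30 16:18:52 2001] [error] [client 207.33.111.32] "
    "Invalid method in request HEAD%00 /%20HTTP/1.0%0D%0A%0D%0AAccept%3A%20"
    "gtkcaqcekiihoj/../../index.html%3fnbjkkyckfxc=/../ieielkyazjrt"
    "/.././%57%57%57%54%48%52%45%41%44%53/./ HTTP/1.0"
)

LINE_RE = re.compile(
    r"\[client (?P<client>[^\]]+)\] Invalid method in request "
    r"(?P<method>\S+) (?P<target>\S+) (?P<proto>HTTP/\d\.\d)$"
)

def triage(line):
    """Decode one 'Invalid method' entry; return None if the line is not one."""
    m = LINE_RE.search(line.strip())
    if m is None:
        return None
    method = unquote(m["method"])
    decoded = unquote(m["target"])
    flags = []
    if "\x00" in method:
        flags.append("nul-in-method")
    if "\r\n" in decoded:
        flags.append("encoded-crlf")
    if "/../" in decoded:
        flags.append("dot-segments")
    # Letters and digits never need percent-encoding in a URL.
    escapes = re.findall(r"%([0-9A-Fa-f]{2})", m["target"])
    if any(chr(int(h, 16)).isalnum() for h in escapes):
        flags.append("encoded-alphanumerics")
    return {
        "client": m["client"],
        "method": method,
        "flags": flags,
        # Path left once every "." and ".." segment has been collapsed.
        "effective_path": posixpath.normpath(decoded),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Run over the unwrapped second and third entries from the post, the same collapse leaves /PHP and /MLOG.PHTML.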

