Essentially, my access logs fill up with lines like “SEARCH /x90x02xb1…” (for 32,000 characters), and my Apache configuration has proved very stubborn in filtering them out automatically. So it’s a bit annoying. Plus I don’t like 32KB getting sent to my server unsolicited, in much the way that spam is.
Accountability
What to do with your hack attack server logs
Submitted by Jon Garfunkel on April 4, 2004.Following is a bunch of hack attacks against my server which are trying to exploit the problem identified by the Computer Emergency Reponse Team (CERT) as
CA-2003-09 Buffer Overflow in Core Microsoft Windows DLL (also see its CVE entry)
Identity Theft? Why not an instant-audit trail on credit card transactions?
Submitted by Jon Garfunkel on January 9, 2004.You’d think, with financial fraud costing society about $35 billion last year (that’s over $100 per person), the credit institutions would do more to fix this. While they talk mightily about the fantastic biometric technologies on the horizon, they keep a lot of people employed handling all of this identity fraud and pitching “Identify Theft Solutions”. But they don’t have to. Here’s a breathtakingly simple solution: start having the major credit card companies, as well as the major credit bureaus, register people’s email and SMS addresses.
Recent comments
14 weeks 3 days ago
35 weeks 5 days ago
1 year 6 weeks ago
1 year 7 weeks ago
1 year 8 weeks ago
1 year 14 weeks ago
1 year 17 weeks ago
1 year 20 weeks ago
1 year 21 weeks ago
1 year 21 weeks ago