Results 1 to 4 of 4

Thread: Weird Entries in my logs

  1. March 8th, 2007, 02:53 AM #1
    niggles
    niggles is offline
    Member
    Join Date
    Oct 2006
    Posts
    41

    Weird Entries in my logs

    I log the contents of user searches into a database table and found some weird entries in it this morning. The script only searches specified tables i.e I haven't indexed my entire site with a crawler script or anything so they couldn't find the terms below.

    The searches were:

    mdmsupr3
    InstallWMFSDK
    scredir
    adminpak
    CallSceSetupRootSecurity
    spxcoins


    and several others. Each request was 5 or 6 seconds apart and tried a couple of different search options from my dropdown list of search types.

    I Googled a few of them and saw they were Window's DLL's or something?

    Any idea what this was?

    Cheers,
    Niggles
    Reply With Quote Reply With Quote
  2. March 8th, 2007, 03:32 PM #2
    SirDice
    SirDice is offline
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    What are the users supposed to search for? I wouldn't worry too much about it. There aren't any really weird things in there like a' OR 1=1; SELECT * FROM users; ?
    Oliver's Law:
    Experience is something you don't get until just after you need it.
    Reply With Quote Reply With Quote
  3. March 8th, 2007, 10:48 PM #3
    niggles
    niggles is offline
    Member
    Join Date
    Oct 2006
    Posts
    41

    Talking

    What are the users supposed to search for?
    It's a music site, so definitely not the terms I found :-)

    All my input is filtered for attacks like you mentioned.

    Cheers,
    Nigel
    Reply With Quote Reply With Quote
  4. March 9th, 2007, 10:56 AM #4
    Aardpsymon
    Aardpsymon is offline
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    Maybe its users being idiots and searching the wrong site? Either:

    1) They think you have those files
    2) They are bored and want to see if you have those files
    3) Idiots.

    All of the above perhaps.

    But I'm with SirDice on this one, searching for silly files no problem. Putting SQL type nonsense or web headers etc, different matter.
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. Weird Entry In Web Logs
    By Irongeek in forum Web Security
    Replies: 14
    Last Post: March 2nd, 2006, 05:36 PM
  2. Weird Log Entries and
    By st34ever in forum Web Security
    Replies: 8
    Last Post: January 27th, 2005, 02:10 PM
  3. can't rid my computer of Spoton
    By rpgraff in forum Spyware / Adware
    Replies: 16
    Last Post: August 24th, 2004, 08:01 AM
  4. Central Secure Logging in a Win2k Environment
    By Tiger Shark in forum The Security Tutorials Forum
    Replies: 5
    Last Post: March 4th, 2004, 05:00 PM
  5. A look into IDS/Snort Whole thing by QoD
    By qod in forum The Security Tutorials Forum
    Replies: 6
    Last Post: February 27th, 2004, 03:03 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules