[2988] in WWW Security List Archive
phf attacks in Australia
daemon@ATHENA.MIT.EDU (Gary Meltzer)
Thu Sep 19 03:07:30 1996
From: garym@softshore.com.au (Gary Meltzer)
To: www-security@ns2.rutgers.edu
Date: Thu, 19 Sep 1996 04:09:35 GMT
Errors-To: owner-www-security@ns2.rutgers.edu
There was an icephf script being run from a cracked account
at an Australian site in the last couple of days.
The script was using a file with the names of 200 Australian? servers.
I have also seen the phf ARL (Aggressive Resource Locator)
from another Australian site.
Auscert have been contacted.
We suggest reviewing your http access logs for phf immediately,
and if you find the ARL then contact auscert@auscert.org.au
(http://www.auscert.org.au) or your local CERT/FIRST equivalent.
(Apologies to those who would still like www-security to be primarily
a forum for discussing www-security standards.)
-- Gary Meltzer mailto:garym@softshore.com.au
Soft Shore Industries Pty Ltd http://www.softshore.com.au/
PO Box 972, Bondi Junction, Ph 1-800-685-400
NSW 2022, Australia. Fax (02) 9665-4349
-- Specialists in applying and supplying technology
