Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.


Welcome to KnowledgeSutra - Dear Guest , Please Register here to get Your own website. - Ask a Question / Express Opinion / Reply w/o Sign-Up!

0

Http Logs For Directory "iqici" Anyone Else?

Started by shadowx, Jul 18 2011 09:27 AM

Reply to this topic

No replies to this topic

#1 shadowx

Live your life so that in death you may stand side by side with your gods. Not at their feet.

Kontributors
1,674 posts

Gender:Male
Location:Essex, UK
Interests:Photography is a big interest, i have some photos up at my site, apex photographs (http://apex-photographs.com). Using my Lumix g1 to take the photos of course! <br /><br />Um computer games... photo editing and thats about it!
myCENT:36.41

Posted 18 July 2011 - 09:27 AM

I have had this before and at the time it seems my site may have actually been infected with something, this time my site is secure and my custom error handling is taking care of the problems.

My access logs have a lot of requests for PHP scripts in the directory "mysite.com/iqici/sbtih" originating from different IPs on different subnets, suggesting they could be from a botnet perhaps or some other geographically dispersed network.

Is this a well known thing?

Like I said, my site is not at risk but it does show a number of clients requesting the same or similar files, so either they are command files for a botnet or they are part of a well known root kit or other exploit that clients are blindly trying to find by hitting every domain out there for those specific files.

Any insight?

Also had a hit for a wordpress upload URL so there must be an exploit out there for that too considering I dont use WP

Back to Website Discussion · Next Unread Topic →

Reply to this topic

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users