w00tw00t.at.ISC.SANS.DFind - Server hacked?

Discussion in 'Malware Help (A Specialist Will Reply)' started by tk421, Apr 6, 2009.

  1. tk421

    tk421 Private E-2

    Hi,

    My Linux web server has been acting strangely lately, with Apache apparently falling over, often several times a day, requiring a manual restart. Looking at my access logs, I see a lot of entries that contain:

    "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 334 "-" "-"

    This address seems to relate to hacking attempts. What should I do?
     
    tk421, Apr 6, 2009
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This is a windows based forum. You need to post in a Unix based forum. :(
     
    TimW, Apr 9, 2009
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds