The MU forums have moved to WordPress.org

was i hacked? (5 posts)

  1. demonicume
    Member
    Posted 15 years ago #

    i got a strange ip address trying to access my site. it was blocked, i think, but it looks like it tried to access something it shouldnt have. anyone recognize this address?

    'http://10.1.10.221:15871/cgi-bin/blockOptions.cgi?ws-session=453289753'

    i tried tracing it to no avail.

  2. lunabyte
    Member
    Posted 15 years ago #

    You'll get crap like that in your logs. It's nothing but kiddies that try to snoop for a hole to play with.

    They just roll along with domain names or ip's, and try it. Doesn't matter if its there or not, and if not their little program or whatever they found keeps moving on.

  3. drmike
    Member
    Posted 15 years ago #

    A quick Google search shows a number of tracking sites with that in their logs. a search for just that port number shows it's something called "Websense Enterprise Manager". Whatever that is...

  4. demonicume
    Member
    Posted 15 years ago #

    yeah, i saw that. just wanted to know if anyone else had seen something like it.

    thanks

  5. drmike
    Member
    Posted 15 years ago #

    For my install, it's folks looking for the older front page extentions and files.

About this Topic

  • Started 15 years ago by demonicume
  • Latest reply from drmike