Rick wrote in with a log snippet showing someone out there actively scanning his webserver for an installation of horde:
2007-08-08 05:49:33 xxxxxx XXXXXXX 192.168.aaa.aaa GET /horde/README
My guess: they're looking to find boxes to exploit with CVE-2006-1491
If you're using horde, make sure that the version you're running is up-to-date. Not running horde? Make sure: horde is one of those things that admins will often install to "try it out..." You might want to take a quick look around, just to be sure. Nothing worse than getting whacked by your own tools...
Anyone else seeing scanning like this?
(Also, if you haven't picked up on the diary title drift yet, your kindly narrator has decided to try to class the joint up a bit... Anyone know the source of that quote?)
Aug 8th 2007
1 decade ago