sehh
- Total activity 126
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 32
Posts
Recent activity by sehh-
CVE-2014-2532 and CVE-2014-2653
Hello, I'm failing PCI validation due to these vulnerabilities: CVE-2014-2532 and CVE-2014-2653 I looked at the rpm changelog of openssh-server but can't find any mention of them. Do these vulne...
-
Rare case of SA that fails to scan properly
In a few rare cases, I've seen SpamAssassin allow some spam to go through with the following headers: X-Spam-Status: No, score= X-Spam-Score: X-Spam-Bar: X-Ham-Report: X-Spam-Flag: NO Anyone...
-
Attack via php session id
In the past month or so, I noticed a new attack on our servers. Many accounts of ours generate this error multiple times: PHP Warning: session_start(): The session id is too long or contains ill...
-
strange browser string (Mozilla/4.0 ... compatible)
I've noticed in my logs some strange behaviour from a few rare clients. Things appear normal at first, I see a Chrome browser sending requests like: "GET /favicon.ico HTTP/1.1" 200 1406 "mydomai...
-
all-in-one IP protection
As far as I know, once a system has been compromised (virus, rootkit, etc), it acts as a zombie host for a number of things. Thus, the same compromised system may act as a proxy to send spam, parti...
-
SSL authentication and gmail (SSL error)
I've disabled the "Allow Plaintext Authentication" under "Mailserver Configuration". Everything is working great, except gmail. We have several gmail accounts that connect and download emails from...
-
strange and too many authentication failures from legitimate clients
I'm having the following problem. The /var/log/maillog and /var/log/exim_reject are reporting a large number of failed authentication logins from my own client PCs. For example, one PC uses Thunde...
-
Quota is "stuck" and won't change
I have two accounts in a cPanel server, which show a quota of 4000MB. Both accounts are close to that limit (around 3900MB), so cPanel started sending out warning emails about the quota limit. Whe...
-
Anyone seen this type of GET requests? GET /?epl=
I'm receiving GET requests of the type: [quote] GET /?epl=xjFv5-RFSnCLevmcq2p0e65rd7UgoXCK5C7-x8zgo7mQvaOpuJAsnO0BFaGKINARDFzaWVg_9gsXMRRdvWgkWzoEAiHFbPYVFz418trzthe7SPUxwkFASqlybzUhVwbTfFGS-345rS...
-
modsec rule for POST /cgi-bin/php
Has anyone made a modsecurity rule to block requests of this type? POST /cgi-bin/php POST /cgi-bin/php5 POST /cgi-bin/php-cgi POST /cgi-bin/php.cgi POST /cgi-bin/php4 I'm looking for one already ...