NetTalk Central

Author Topic: LOG: This is dangerous?  (Read 3725 times)

jorgeb

  • Newbie
  • *
  • Posts: 2
    • View Profile
    • Email
LOG: This is dangerous?
« on: August 25, 2014, 12:07:03 PM »
In my application log has the following record:

GET http://hotel.qunar.com/render/hoteldiv.jsp?&__jscallback=XQScript_4 HTTP/1.1
Accept-Encoding: gzip,deflate,sdch
Referer: http://hotel.qunar.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Host: hotel.qunar.com
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Proxy-Connection: keep-alive


I want to know if this is a sign of alarm and if so what I can do to prevent and be safer. And if not dangerous, to know also.
In my application I have the basis of Example 3 (BasicLogin) to only registered users from accessing a consultation of their orders.
Working with NT7.39 and C91
Thanks in advance

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: LOG: This is dangerous?
« Reply #1 on: August 27, 2014, 09:28:22 PM »
this is not dangerous (for a NetTalk server anyway.)

presumably it is dangerous to some system, so there's a script looking for this vulnerability.

Actually if you check your logs you'll see lots and lots of this sort of request - probing the server to see if it responds to common vulnerabilities in other servers.

cheers
Bruce

Devan

  • Full Member
  • ***
  • Posts: 230
    • View Profile
    • Email
Re: LOG: This is dangerous?
« Reply #2 on: August 27, 2014, 11:36:17 PM »
Yeah,

On my public Nettalk webservers, I routinely see all sorts of calls made to phpmyadmin and other routes.  Tons of them.  Quite funny actually.  Oh well, I guess it is wasting processing time for some hacker, so I consider it a community service!  ;D

Cheers,
Devan

jorgeb

  • Newbie
  • *
  • Posts: 2
    • View Profile
    • Email
Re: LOG: This is dangerous?
« Reply #3 on: August 28, 2014, 07:27:38 AM »
Ok. Many thanks for the information, Bruce and Devan.

Regards