NetTalk Central
NetTalk Web Server => Web Server - Ask For Help => Topic started by: jorgeb on August 25, 2014, 12:07:03 PM
-
In my application log has the following record:
GET http://hotel.qunar.com/render/hoteldiv.jsp?&__jscallback=XQScript_4 HTTP/1.1
Accept-Encoding: gzip,deflate,sdch
Referer: http://hotel.qunar.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Host: hotel.qunar.com
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Proxy-Connection: keep-alive
I want to know if this is a sign of alarm and if so what I can do to prevent and be safer. And if not dangerous, to know also.
In my application I have the basis of Example 3 (BasicLogin) to only registered users from accessing a consultation of their orders.
Working with NT7.39 and C91
Thanks in advance
-
this is not dangerous (for a NetTalk server anyway.)
presumably it is dangerous to some system, so there's a script looking for this vulnerability.
Actually if you check your logs you'll see lots and lots of this sort of request - probing the server to see if it responds to common vulnerabilities in other servers.
cheers
Bruce
-
Yeah,
On my public Nettalk webservers, I routinely see all sorts of calls made to phpmyadmin and other routes. Tons of them. Quite funny actually. Oh well, I guess it is wasting processing time for some hacker, so I consider it a community service! ;D
Cheers,
Devan
-
Ok. Many thanks for the information, Bruce and Devan.
Regards