[SATLUG] Strange file.

Benjamin Temple temple_benjamin at hotmail.com
Tue Jan 13 16:18:44 CST 2009


it looks as if someone set that up with exploit code... maybe. See what it does on Winblows. You may have averted an attack by uing Linux.> Date: Tue, 13 Jan 2009 15:24:04 -0600> From: ian69 at comcast.net> To: satlug at satlug.org> Subject: [SATLUG] Strange file.> > I saw this URL show up in my firewall log and being curious, I> connected to it. Entering 82.95.104.173:8080 in a web browser> downloads a small data file:> > 00000000 93 89 C9 0D F5 A2 4F AC 9A E0 98 40 03 9C BE 03 38 03> 10 EA 28 A0 45 F7 6D 8E 4F 7A ......O.... at ....8...(.E.m.Oz> 0000001C BE B5 F3 E7 C9 CA 59 06 50 46 C2 38 FE 11 E1 63 E2 10> 09 BC 64 E9 F1 ED A9 C5 07 79 ......Y.PF.8...c....d......y> 00000038 83 D5 47 9A 0D 4E 65 99 7E C9 5E F3 5B 3F 68 6D C8 FB> 42 62 43 01 89 E6 DD 51 C1 05 ..G..Ne.~.^.[?hm..BbC....Q..> 00000054 3B 2D A6 96 E6 19 37 A7 0D DD 8E 7F F2 09 78 24 07 7C> D2 7A 31 E4 58 12 73 25 18 C5 ;-....7.......x$.|.z1.X.s%..> 00000070 C8 38 1B A2 1C CF BB DE F0 DB DB 1C 1E 77 BE 73 80 48> 7B 53 9D 5B B3 F8 B3 2F C7 EA .8...........w.s.H{S.[.../..> 0000008C BA DC 3C 0D AB 8F 80 AF F6 E6 9B CF A7 D4 D8 66 E7 B9> 73 E3 35 72 E6 41 55 30 29 AD ..<............f..s.5r.AU0).> 000000A8 50 4D E3 91 9E 3A AF 97 F8 70 99 36 DB 58 40 96 0D 8D> EB F5 E2 63 84 6B 50 58 FD 82 PM...:...p.6.X at ......c.kPX..> 000000C4 CB 5F 5A F8 17 AA CA 01 4B C1 65 73 49 61 C4 C2> ._Z.....K.esIa..> > I'm just curious as to what it is. Anyone? Anyone? Bueller?> -- > _______________________________________________> SATLUG mailing list> SATLUG at satlug.org> http://alamo.satlug.org/mailman/listinfo/satlug to unsubscribe> Powered by Rackspace (www.rackspace.com)
_________________________________________________________________
Windows Live™: Keep your life in sync. 
http://windowslive.com/explore?ocid=TXT_TAGLM_WL_t1_allup_explore_012009


More information about the SATLUG mailing list