Network Security: Detailed info on GET GET seen in Apache logs from Nessus Scan

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Nessus-Users

[Top] [All Lists]

GET GET seen in Apache logs from Nessus Scan

from [Brian Jameson] Network Security

[Permanent Link]

Subject:	GET GET seen in Apache logs from Nessus Scan
Date:	Sat, 18 Jun 2005 12:33:40 +0100

I see the following in my Apache web logs after each Nessus scan:-

GET GET %2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/windows/win.ini
GET GET %2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/winnt/win.ini

I think that this duplication of GET is rather an odd construct
and was wondering a) Is this intentional, if so what does it show?
or b) is this an error in the writing of the Nessus rule?

I have done a quick scan of the plugins and the nearest I can find is
'analogx_traversal.nasl' (but I could be wrong) but I don't see why it
 duplicates the 'GET'.

Can someone put me out of my misery and let me know what is going on here.
regards,
Brian

P.S. I guess I need to find some time and try writing a few nessus plugins
and hopefully improve my understanding!
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
GET GET seen in Apache logs from Nessus Scan, Brian Jameson <= Re: GET GET seen in Apache logs from Nessus Scan, Michel Arboi Re: GET GET seen in Apache logs from Nessus Scan, Hugo van der Kooij

Previous by Date:	RE: Why i'm i getting unused IPs in reports as if they had ports open.., Tony Howlett
Next by Date:	Re: GET GET seen in Apache logs from Nessus Scan, Michel Arboi
Previous by Thread:	Vhosts, Erik Stephens
Next by Thread:	Re: GET GET seen in Apache logs from Nessus Scan, Michel Arboi
Indexes:	[Date] [Thread] [Top] [All Lists]