I just got cable internet recently, so I'm playing around with web services on my Linux computer (SuSE). While I'm in the learning period on this, I've started out with max paranoia mode on. Besides the firewall that my router provides (which I've tuned up some), I'm also using iptables to fine-tune my security measures. I've locked down any mod in Apache that I'm not currently using (currently I'm only serving up straight pages with some client-side JavaScript, so I don't need a lot). This being said, I'm no less secure than most people serving up web pages.
Looking at my Apache logs, I've found several attempts to attack my server from several different IPs. But despite the different sources, they all appear to follow one of two pre-scripted patterns. The first seems to be a buffer overflow attack. The second is just a sequence of probes looking for Windows vulnerabilities. This attack consists of 16 GETs trying to access either root.exe or cmd.exe. It is always the same sequence, and always earns the cracker wannabe at the other end a sequence of 400 and 404 error codes from my Linux box.
Now to the point. <rant>We have all these crackers in the world trying to prove they're something special, and they're using pre-made scripts. It seems stupid to me to try and prove you're *elite* by using somebody else's assembly-line script. What's happened to all the innovation these days? Windows has even siphoned out the need for innovation in crackers, because they're obviously so easy to crack. This may seem like a stupid thing to rant about, but it struck me as strange that there are so many hack attempts out there and they all seem the same; they're all scripted wastes of time. Do these kids have nothing better to do than put their binary fingerprints all over every server on the 'net?</rant>
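A way to tally the second pattern described in the post (scripted GETs for root.exe or cmd.exe answered with 400/404) from an Apache access log, as an added example that is not part of the original post. The log lines, IP addresses, request paths and the names `find_windows_probes` and `decode_target` are constructed for illustration; the post does not show its actual log entries.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample lines in Apache common log format (not from the original post).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2002:04:11:09 -0500] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276
203.0.113.7 - - [12/Mar/2002:04:11:10 -0500] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 290
203.0.113.7 - - [12/Mar/2002:04:11:11 -0500] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
198.51.100.20 - - [12/Mar/2002:04:15:43 -0500] "GET /missing.html HTTP/1.1" 404 270
192.0.2.55 - - [12/Mar/2002:05:02:30 -0500] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) \S+')
PROBE_RE = re.compile(r'(?:^|[/\\])(?:root|cmd)\.exe(?:$|\?)', re.IGNORECASE)


def decode_target(target):
    """Percent-decode twice so a doubly encoded name (%252e) is still recognised."""
    return unquote(unquote(target))


def find_windows_probes(lines):
    """Return {ip: {"hits": n, "statuses": {...}, "answered": n}} for probe requests."""
    report = defaultdict(lambda: {"hits": 0, "statuses": set(), "answered": 0})
    for line in lines:
        m = LINE_RE.match(line)
        parts = m.group(2).split() if m else []
        if len(parts) < 2:
            continue  # not common log format, or an empty request line such as "-"
        if not PROBE_RE.search(decode_target(parts[1])):
            continue  # ordinary request, including ordinary 404s
        entry = report[m.group(1)]
        status = int(m.group(3))
        entry["hits"] += 1
        entry["statuses"].add(status)
        if status < 400:
            entry["answered"] += 1  # a non-error reply to a probe deserves a look
    return dict(report)


if __name__ == "__main__":
    for ip, e in sorted(find_windows_probes(SAMPLE_LOG.splitlines()).items()):
        print(ip, e["hits"], sorted(e["statuses"]), "answered:", e["answered"])
```

On a server that has no such files, every probe should land in the 4xx range, so a non-zero `answered` count is the value worth checking first.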