Theme

Welcome · log in · join	food

	All Forums		Hot Topics		Gallery

Forums → Software and Operating Systems →

Security → What does this mean?

uniqs
859

« how does spybot's immunize function work? • My "SecurityCD" for computer illiterate »

nyteeyes1 RIP my beloved spook 1991 to 8-2-08 Premium Member join:2001-09-07 Jacksonville, FL	nyteeyes1 Premium Member 2004-Apr-16 1:07 pm What does this mean? I was reviewing my logs in NIS 2004, and I keep getting entries like this, they way it reads to me its my like my computer is doing the intruding. So what does it mean? Details: Attempted Intrusion "HTTP_ActivePerl_Overflow" from your machine against ehg-sonycomputer.hitbox.com(64.154.80.250) was detected and blocked Intruder: localhost(4392) Risk Level: Medium Protocol: TCP Attacked IP: ehg-sonycomputer.hitbox.com(64.154.80.250) Attacked Port: http(80)
	actions · 2004-Apr-16 1:07 pm ·
nyteeyes1	nyteeyes1 Premium Member 2004-Apr-16 2:25 pm anyone know?
	actions · 2004-Apr-16 2:25 pm ·
Bubba GIT-R-DONE MVM join:2002-08-19 St. Andrews	Bubba to nyteeyes1 MVM 2004-Apr-16 2:33 pm to nyteeyes1 Are you a perl user ? According to Symantec\NIS....along with the other info found at the below link....this may also be a false positive. HTTP_ActivePerl_Overflow said by Symantec: False Positive This signature may not indicate malicious intent if ActivePerl versions other than those listed above are used or ActivePerl is not used at all. In this case, you can exclude this signature from monitoring.
	actions · 2004-Apr-16 2:33 pm ·
nyteeyes1 RIP my beloved spook 1991 to 8-2-08 Premium Member join:2001-09-07 Jacksonville, FL	nyteeyes1 Premium Member 2004-Apr-16 2:35 pm Well to be honest, I dont know what perl is, could you explain? thanks
	actions · 2004-Apr-16 2:35 pm ·
Bubba GIT-R-DONE MVM join:2002-08-19 St. Andrews	Bubba MVM 2004-Apr-16 2:43 pm said by nyteeyes1: Well to be honest, I dont know what perl is, could you explain? Sorry....I was hoping the NIS FAQ would useful info but the only perl I know about has an a in it and I only know about that kind because my lovely wife wants me to get her some. Hopefully the perl guys will speak up.
	actions · 2004-Apr-16 2:43 pm ·
siggyx Siggy Premium Member join:2003-12-10 Cambridge	siggyx to nyteeyes1 Premium Member 2004-Apr-16 3:20 pm to nyteeyes1 Your wife and every other wife out there it seems. Found this if it helps.»www.activestate.com/Prod ··· dex.plex
	actions · 2004-Apr-16 3:20 pm ·
nyteeyes1 RIP my beloved spook 1991 to 8-2-08 Premium Member join:2001-09-07 Jacksonville, FL	nyteeyes1 Premium Member 2004-Apr-16 4:18 pm Im still not sure if I have it though.
	actions · 2004-Apr-16 4:18 pm ·
sivran Vive Vivaldi Premium Member join:2003-09-15 Irving, TX	sivran Premium Member 2004-Apr-16 6:06 pm said by nyteeyes1: Im still not sure if I have it though. If you're not sure you have it, then you don't. Perl is a scripting language commonly used in *nix environments and for CGI applications on the web. (CGI apps can be written in other languages, but Perl is most common) ActivePerl is a Windows perl interpreter, used to run perl scripts on Windows machines. It is a third-party software program, and does not ship with Windows. The Symantec page says you can disable monitoring for this event. You should consider doing that.
	actions · 2004-Apr-16 6:06 pm ·
nyteeyes1 RIP my beloved spook 1991 to 8-2-08 Premium Member join:2001-09-07 Jacksonville, FL 2 edits	nyteeyes1 Premium Member 2004-Apr-16 8:35 pm Thanks, I will do that.
	actions · 2004-Apr-16 8:35 pm ·

Forums → Software and Operating Systems → Security	« how does spybot's immunize function work? • My "SecurityCD" for computer illiterate »