Created
June 18, 2012 23:11
-
-
Save darron/2951370 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Jun 18 13:34:44 bam apache2: [error] [client 216.208.7.254] ModSecurity: Warning. Pattern match "(?i:([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?([\\\\d\\\\w]+)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?(?:=|<=>|r?like|sounds\\\\s+like|regexp)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?\\\\2|([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\ ..." at REQUEST_COOKIES:__utmz. [file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2.2.4"] [msg "SQL Injection Attack"] [data "r=r"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "website.com"] [uri "/images/layout/gsep.png"] [unique_id "T9@C1a3La5wAABewQr0AAABJ"] | |
Jun 18 13:34:44 bam apache2: [error] [client 216.208.7.254] ModSecurity: Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file "/etc/modsecurity/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 15, SQLi=15, XSS=): SQL Injection Attack"] [hostname "website.com"] [uri "/images/layout/gsep.png"] [unique_id "T9@C1a3La5wAABewQr0AAABJ"] | |
Jun 18 13:34:53 bam apache2: [error] [client 173.248.147.18] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity/modsecurity_crs_21_protocol_anomalies.conf"] [line "47"] [id "960015"] [rev "2.2.4"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "website.com"] [uri "/"] [unique_id "T9@C3q3La5wAABKBOxUAAAAP"] | |
Jun 18 13:34:53 bam apache2: [error] [client 173.248.147.18] ModSecurity: Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file "/etc/modsecurity/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 2, SQLi=, XSS=): Request Missing an Accept Header"] [hostname "website.com"] [uri "/"] [unique_id "T9@C3q3La5wAABKBOxUAAAAP"] | |
Jun 18 13:34:56 bam apache2: [error] [client 216.208.7.254] ModSecurity: Warning. Pattern match "(?i:([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?([\\\\d\\\\w]+)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?(?:=|<=>|r?like|sounds\\\\s+like|regexp)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?\\\\2|([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\ ..." at REQUEST_COOKIES:__utmz. [file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2.2.4"] [msg "SQL Injection Attack"] [data "r=r"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "website.com"] [uri "/showroom/tent-trailer"] [unique_id "T9@C4a3La5wAABfpeL0AAAAA"] | |
Jun 18 13:34:56 bam apache2: [error] [client 216.208.7.254] ModSecurity: Warning. Pattern match "(?i:([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?([\\\\d\\\\w]+)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?(?:=|<=>|r?like|sounds\\\\s+like|regexp)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?\\\\2|([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\ ..." at REQUEST_COOKIES:__utmz. [file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2.2.4"] [msg "SQL Injection Attack"] [data "r=r"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "website.com"] [uri "/showroom/tent-trailer"] [unique_id "T9@C4a3La5wAABfpeL0AAAAA"] | |
Jun 18 13:34:56 bam apache2: [error] [client 216.208.7.254] ModSecurity: Warning. Pattern match "(?i:([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?([\\\\d\\\\w]+)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?(?:=|<=>|r?like|sounds\\\\s+like|regexp)([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\(\\\\)]*)?\\\\2|([\\\\s'\\"`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\ ..." at REQUEST_COOKIES:__utmz. [file "/etc/modsecurity/modsecurity_crs_41_sql_injection_attacks.conf"] [line "77"] [id "950901"] [rev "2.2.4"] [msg "SQL Injection Attack"] [data "r=r"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [tag "WASCTC/WASC-19"] [tag "OWASP_TOP_10/A1"] [tag "OWASP_AppSensor/CIE1"] [tag "PCI/6.5.2"] [hostname "website.com"] [uri "/showroom/tent-trailer"] [unique_id "T9@C4a3La5wAABfpeL0AAAAA"] | |
Jun 18 13:34:56 bam apache2: [error] [client 216.208.7.254] ModSecurity: Warning. Operator LT matched 20 at TX:inbound_anomaly_score. [file "/etc/modsecurity/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 15, SQLi=16, XSS=): SQL Injection Attack"] [hostname "guaranteerv.com"] [uri "/index.php"] [unique_id "T9@C4a3La5wAABfpeL0AAAAA"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment