[Snort-users] Scans detected for /admini and /admini/

R P G inittab at ...6979...
Wed Sep 25 09:44:02 EDT 2002


I created a simple rule yesterday that alerts on access to /admin on my
web server.  Within 24 hours I caught "scans" for the directory /admini
and /admini/.  It looks like someone is trying to find a default directory
of some web app.  Does anyone know what this could be?  Thanks!







More information about the Snort-users mailing list