2009/1/10 Dr Adam Trickett <adam.trickett@???>:
> Hi,
>
> I don't know if anyone is running Round Cube Email but my web server is
> getting a lot of automated scans for it. I gather there is a nasty security
> hole in it that is being exploited at the moment, if you use this tool please
> make sure you are up to date and correctly configured.
>
> Obviously one should always keep one's system up to date however this warning
> is real not a Peter and Wolf scare.
Ah. That would explain these, then:
0.000249 372 aaa.ccc.bbb.nnn 10/Jan/2009:15:17:09 +0000 GET
/nonexistenshit HTTP/1.1
0.000099 376 aaa.ccc.bbb.nnn 10/Jan/2009:15:17:11 +0000 GET
/mail/bin/msgimport HTTP/1.1
0.000098 371 aaa.ccc.bbb.nnn 10/Jan/2009:15:17:12 +0000 GET
/bin/msgimport HTTP/1.1
0.000084 374 aaa.ccc.bbb.nnn 10/Jan/2009:15:17:13 +0000 GET
/rc/bin/msgimport HTTP/1.1
0.000095 381 aaa.ccc.bbb.nnn 10/Jan/2009:15:17:14 +0000 GET
/roundcube/bin/msgimport HTTP/1.1
0.000089 379 aaa.ccc.bbb.nnn 10/Jan/2009:15:17:15 +0000 GET
/webmail/bin/msgimport HTTP/1.1
coming from a variety of (probably innocently subverted) IP addresses
over the last few days.
Not a RoundCube user myself so I just shrugged when I saw them.
>
> Hope everyone is enjoying the frosty weather - it looks pretty outside at the
> moment - though I'm glad I'm not actually outside in the frost!
Yes, prettier to be sitting on the inside looking out than sitting on
the outside looking in.
Trouble is once this goes then it reverts to being damp & squelchy again
