They ARE looking... very busy

[Power Wagon]

Northwest Bombers website - www.nwbombers.com has, according to it's logs, been quite popular.



FBI

Naval Intellgence

Bureau of Prisons -Feds, no less.

US Bureau of Reclamation

Several unrecognizable . MIL sites

Also, several .gov sites I can't identify.



anyone identify this?:

mpb. jccbi.gov

i can't.



The nice folks even read through out forums a bit.



perhaps even:

Naval Intelligence from Los Angeles area? They keep coming back



Bureau of Prisons -Feds, no less.



Others: KING TV, Channel 5 Seattle

TRW

Boeing (members work there, perhaps that's it)



Now, a few of the hits are just to grab linked images from TDR or other sites.



Among them, Earl Baker, at JPL. (if he reads this, won't he be surprised. IT named his pc this: earl-baker-pc-pentium. jpl. nasa.gov



HOw aobut this:

harvard. cheyennemountain. af. mil

The poor boys are using NT4 and IE4. 01

This is the bunker buried deep in the mountain in Colorado.



You don't suppose the guys locked in that place are so bored they're surfing our truck sites???



trigger. vance. af. mil

That's gotta be a truck enthusiast, no?





Just find it interesting.

 

[Don M]

the "bombers" part of the title is the trigger.



jccbi.gov is air traffic related.





NT and IE 4? kinda funny... .





Jet propulsion lab huh?



question. . what Im I using?



Don~

 

[Power Wagon]

not a clue. Some browsers, notably IE specifiy thier OS and version. Others show up as "mozzilla" or otherwise.



The naval intelligence hits were Mozilla 3. 1 or 3. 01, if memory serves and no OS report.



Must be something custom built.

 

[Power Wagon]

I forgot to mention. two porn sites continue to send hits to my site.



And, hacker or viral attacks on my site have continued unabated since I opened the doors.



There WAS an opening for exploit in IIS, which someone wrote a virus to exploit and use to self-propagate. several times a day, that attempt is made.



#reqs: %bytes: domain

------: ------: ------

294807: 53. 67%: .com (Commercial)

189457: 36. 30%: .net (Network)

29246: 7. 77%: [unresolved numerical addresses]

1605: 0. 61%: . mil (USA Military)

1776: 0. 35%: . edu (USA Educational)

1195: 0. 28%: .gov (USA Government)

1231: 0. 26%: . us (United States)

638: 0. 24%: .org (Non-Profit Making Organisations)

410: 0. 21%: . ca (Canada)

378: 0. 20%: . au (Australia)

160: 0. 09%: . mx (Mexico)

5: 0. 01%: . it (Italy)

30: 0. 01%: . ae (United Arab Emirates)

5: 0. 01%: . de (Germany)

5: 0. 01%: . jp (Japan)

5: 0. 01%: . nz (New Zealand)

7: : . fr (France

 

[Don M]

hacker or viral attacks? do you mean port scanning? I just hit it with Neotrace. No big deal, just a prog to find out domain name, ping times, location of server. Florida? 77 ms was the time. Not bad.





What do you run the site with?



Don~

 

[Power Wagon]

There is a virus, which, when it infects a webpage and is downloaded, it will run and try to infect other pages on other servers.



This virus is known by it's signature in the raw web server logs.



It asks for a specific file ,and uses an oversize request to try to exploit an IIS weakness. Of course, nw bombers is on an entirely different OS No chance of getting hacked that way.