0

What is the possible ^null$ exploit reported by LogWatch?

view story
linux-howto

http://stackoverflow.com – LogWatch is a nice tool that provides daily reports on linux log files. It includes several information summaries, like traffic, users who logged in, who used sudo, relevant kernel messages, IPs that probed the server, search engines that probed your apache, etc... One section includes IP addresses that used known exploits attempts to hack your server. They didn't necessarily succeed, but they are listed in the report anyway for knowledge. This is what it looks like. Attempts to use known hacks by 4 hosts were logged 4 time(s) from: 187.13.156.179: 1 Time(s) ^null$ 1 Time(s) 187 (HowTos)