I installed the 'guest tracker' mod on my forum, and when I checked guest activity tonight, I found this:

The visible link points to:
http://www.chaoshang.net/rc/dmc.txt?
but the actual http code links to:
http://orillianetworks.ca/forum/misc...et/rc/dmc.txt?
which is a smiley FAQ page within my site, apparently (never saw that page before).
The IP address is purportedly in Brazil - unless, of course, it's proxied.
Can any of you advanced users tell me what the script is trying to do? I have safe backups and my site isn't so busy that anything really awful is gonna happen, but I am curious about what the vulnerability factor is here. Any input would be welcome; I like learning things.
The visible link points to:
http://www.chaoshang.net/rc/dmc.txt?
but the actual http code links to:
http://orillianetworks.ca/forum/misc...et/rc/dmc.txt?
which is a smiley FAQ page within my site, apparently (never saw that page before).
The IP address is purportedly in Brazil - unless, of course, it's proxied.
Can any of you advanced users tell me what the script is trying to do? I have safe backups and my site isn't so busy that anything really awful is gonna happen, but I am curious about what the vulnerability factor is here. Any input would be welcome; I like learning things.

Comment