Hi all,
I have a weird log entry in my mod_security logs. When I open a random page (nothing to do with phpBB whatsoever) and do something against the rules, like index.php?var=wget, it blocks the request and logs the following:
------cut ---
========================================
Request: ******** - - [26/Jan/2005:01:21:55 +0100] "GET /index.php?var=wget HTTP/1.1" 406 268
Handler: application/x-httpd-php
----------------------------------------
GET /index.php?var=wget HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-$
Accept-Encoding: gzip, deflate
Accept-Language: en-us
Connection: Keep-Alive
Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A32%3A%22098716940bd94180dfc61d34c7984447%2$
Host: optixdesigns.com
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
mod_security-message: Access denied with code 406. Pattern match "wget " at THE_REQUEST.
mod_security-action: 406
HTTP/1.1 406 Not Acceptable
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
---cut----
Now I am thinking, what the hell is that cookie doing there?
Someone used the highlight exploit in phpBB in one of my forums lately to launch DDoS attacks on other servers; that's why I installed mod_security, so I'm wondering if these are traces of that exploit.
Any thoughts on this would be appreciated.







