so... ive noticed this before in my webserver logs...
68.50.124.251 - - [20/Nov/2003:23:07:12 -0500] "GET /scripts/..%%35c../winnt/
system32/cmd.exe?/c+dir HTTP/1.0" 400 292
so... looks like someone it scanning for a winnt based server they can exploit
to me.. anyway, obviously its not an acutal problem, but I figured maybe some
of you have had simular issues, and come up with creative solutions... like
with ip tables or something :)
Jamie
--
It's a bird..
It's a plane..
No, it's KernelMan, faster than a speeding bullet, to your rescue.
Doing new kernel versions in under 5 seconds flat..
-- Linus, in the announcement for 1.3.27
_______________________________________________
EuG-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
