Re: BBLISA: Strange entries in access log

Thu, 02 Jan 2003 08:11:12 -0800

You really want to tell the ISP, so they can shutdown the person. Most of the cases are like this one, it's someone on a dynamic IP address. So it's almost imposible for you to tell who had that address, and it's doubtful that if you got intouch with the person they would even understand.

johno

Betsy Schwartz wrote:

That's the Code Red worm which caused so much fuss last year. Won't hurt your Unix server any. You may wish to let the scanning address's owner know that they're infected though



At 10:00 AM 1/2/2003 -0500, Dima wrote:

66.189.100.35 - - [02/Jan/2003:08:08:31 -0500] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 282
66.189.100.35 - - [02/Jan/2003:08:08:31 -0500] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 280

---
Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'.
Mail administrative requests to `[EMAIL PROTECTED]'.






---
Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'.
Mail administrative requests to `[EMAIL PROTECTED]'.























					Reply via email to