Short answer is that this is a worm.... Don't worry about it. This is why you are not running IIS right? This is just some sneezy, infected winblows machine out there trying to spread its germs to your *nix server. Just make sure you keep your server patched and current....
Shannon Mat Branyon wrote: >I am running a webserver via dyndns and I have noticed that someone is >trying to run cmd.exe on my server: > >(ftp.vertex-networks.com - - [10/Feb/2003:07:14:14 -0600] "GET >/scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - > >I searched everywhere for cmd.exe on my freebsd server and was unable to >find it (I wonder why). So then the thing that i see this could be is a >skript kiddie, with a really stupid program. What can I do to block >these requests, as they are taking up bandwidth? I have a firewall with >snort and squid, but don't really know how to use them (I am looking >that up right now). I started running this server a few days ago, thats >how fast the attacks started coming in. I have also had some attempted >ssh logins to my computer. > >--mat || http://locke.homeunix.org || If mathematically you end up with >the wrong answer, try multiplying by the page number. > > >_______________________________________________ >General mailing list >[email protected] >http://oxygen.nocdirect.com/mailman/listinfo/general_brlug.net > >
