[EMAIL PROTECTED] # ./DDoS 68.56.176.39 :)
On Mon, 03 Nov 2003 Yashpal Nagar wrote : > > >access_log contains:- >### >. >. >68.56.176.39 - - [03/Nov/2003:14:36:15 +051800] "GET >/scripts/root.exe?/c+dir HTTP/1.0" 404 1041 "-" "-" >68.56.176.39 - - [03/Nov/2003:14:36:15 +051800] "GET >/MSADC/root.exe?/c+dir HTTP/1.0" 404 1041 "-" "-" >68.56.176.39 - - [03/Nov/2003:14:36:16 +051800] "GET >/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 1041 "-" "-" >68.56.176.39 - - [03/Nov/2003:14:36:17 +051800] "GET >/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 1041 "-" "-" >68.56.176.39 - - [03/Nov/2003:14:36:17 +051800] "GET >/scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 1041 "-" >"-" >68.56.176.39 - - [03/Nov/2003:14:36:18 +051800] "GET >/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir >HTTP/1.0" 404 1041 "-" "-" >68.56.176.39 - - [03/Nov/2003:14:36:18 +051800] "GET >/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir >HTTP/1.0" 404 1041 "-" "-" >68.56.176.39 - - [03/Nov/2003:14:36:19 +051800] "GET >/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir > HTTP/1.0" 404 1041 "-" "-" >68.56.176.39 - - [03/Nov/2003:14:36:20 +051800] "GET >/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 1041 "-" >"-" >. >. >.###### > >I think my server is being tried for hacking ? What to do now. >Should i forward such request to M$ which we did at one pt of time.:) > >/yash > > > > > > > > > > >On Sat, 2003-11-01 at 20:39, Sandip Bhattacharya wrote: > > Yashpal Nagar wrote: > > > > > Dear team, > > > > > > I have one web server with no site hosted on it. I just use it for > > > smokeping latency check. But for the last few days i am seeing in > > > error_log > > > > > > [Sat Nov 01 17:52:00 2003] [error] [client 210.174.164.7] Directory > > > index forbidden by rule: /var/www/html/ > > > [Sat Nov 01 17:52:06 2003] [error] [client 65.138.121.92] Directory > > > index forbidden by rule: /var/www/html/ > > > [Sat Nov 01 17:53:16 2003] [error] [client 12.209.185.230] Directory > > > index forbidden by rule: /var/www/html/ > > > [Sat Nov 01 17:53:25 2003] [error] [client 67.38.12.57] Directory index > > > forbidden by rule: /var/www/html/ > > > [Sat Nov 01 17:55:28 2003] [error] [client 66.233.76.187] Directory > > > index forbidden by rule: /var/www/html/ > > > [Sat Nov 01 17:57:20 2003] [error] [client 219.78.196.35] Directory > > > > > > > What are the corresponding entries in access_log? > > > > - Sandip > > > > > > -- > > Sandip Bhattacharya http://www.sandipb.net > > sandip at puroga.com > > Puroga Technologies Pvt. Ltd. > > http://www.puroga.com > > > > > > > > _______________________________________________ > > ilugd mailing list > > [EMAIL PROTECTED] > > http://frodo.hserus.net/mailman/listinfo/ilugd > > > > > >_______________________________________________ >ilugd mailing list >[EMAIL PROTECTED] >http://frodo.hserus.net/mailman/listinfo/ilugd _______________________________________________ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
