I am currently 'playing' with apache, does anyone here ever get tired of; <snip> [Wed Jan 30 15:30:59 2002] [error] [client 210.74.146.190] File does not exist: /somedir/scripts/root.exe [Wed Jan 30 15:31:01 2002] [error] [client 210.74.146.190] File does not exist: /somedir/MSADC/root.exe [Wed Jan 30 15:31:03 2002] [error] [client 210.74.146.190] File does not exist: /somedir/c/winnt/system32/cmd.exe [Wed Jan 30 15:31:05 2002] [error] [client 210.74.146.190] File does not exist: /somedir/d/winnt/system32/cmd.exe [Wed Jan 30 15:31:06 2002] [error] [client 210.74.146.190] File does not exist: /somedir/scripts/..%5c../winnt/system32/cmd.exe [Wed Jan 30 15:31:08 2002] [error] [client 210.74.146.190] File does not exist: /somedir/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe [Wed Jan 30 15:31:10 2002] [error] [client 210.74.146.190] File does not exist: /somedir/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe [Wed Jan 30 15:31:12 2002] [error] [client 210.74.146.190] File does not exist: /somedir/msadc/..%5c../..%5c../..%5c/..�^\../..�^\../..�^\../winnt/system32/cmd.exe </snip>
I mean this attack was directed at an NT/2k/XP machine. I have whois'ed the IP and have someone to complain to, what is the general attitude here towards responding to provocation such as this? I do realise that .190 is not a specific address and will probably not be traceable back to the purpotrating computer. But someone needs a good stiff slaping with a dripping wet trout. Mark Carey _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com
