On Thursday 25 July 2002 10:23, [EMAIL PROTECTED] wrote: > I posted a similar question a while ago and did not receive any > answer from this list. May be, folks on this list are admins/ > developers/programmers who are bothered mostly about application > itself and not security. May be there is an "overall security" > list where such questions may be posed. Anybody have suggestions > where questions such as these may be directed?
We are. But I think a good number of us are probably running UNIX, or some variant thereof. > It is probably a good idea to pay some attention to security. > A snippet from my access_log (same IP - somebody is curious!) > ---------------------------------------------- > [23/Jul/2002:11:49:38 -0800] "GET /c/winnt/system32/cmd.exe?/c+dir > HTTP/1.0" 404 648 > [23/Jul/2002:11:49:38 -0800] "GET /d/winnt/system32/cmd.exe?/c+dir > HTTP/1.0" 404 648 > [23/Jul/2002:11:49:38 -0800] "GET > /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 718 > [23/Jul/2002:11:49:39 -0800] "GET That's a script kiddy looking for nimda, code red, code red 2, or code green. To me, it's just a pain in the ass...flooding my bandwidth. Doesn't pose any real threat. But, there are certain versions of Tomcat 4.xx that may or may not be succeptible, and early versions of Apache 1.3.xx/Apache 2.xx for the unicode encoded urls, and of course IIS 4.0/5.0 if you're using the indexing server. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>