Apache access logs
Fedora C2
Apache Linksys router connected to cable modem I just recently setup my webserver, and allowed access to it thru the web. I was poking around in the logs, and I some messages like this: "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 297 "-" "-" Is this someone trying to get to my XP machine thru the webserver on my Linux box? Thanks |
lawadm1
Check these threads Here http://www.linuxquestions.org/questi...TTPF1.0+400+97 Here http://www.linuxquestions.org/questi...TTPF1.0+400+97 And here http://www.linuxquestions.org/questi...TTPF1.0+400+97 Pete |
Pete, those links are busted.......
lawadm1...Get used to seeing those. It isn't someone trying to get to your XP machine, but rather Code Red or one of the other IIS worms looking for idiots with unpatched microsoft webservers to infect. My logs are absolutely stiff with garbage like this. Odds are the person who owns the machine doesn't even know they are infected. Since it is looking for microsoft stuff, as long as you are running Apache, you are not vulnerable. Of course if you are running a publicly accessible web server, you should have your security in place and running. |
Hangdog42
Links work fine for me in Firefox and IE ? Pete |
Hm. Might be a win2K thing? Or maybe my computer is just being funky since both Firefox and IE fail for me.
|
All times are GMT -5. The time now is 02:41 AM. |