LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
Reload this Page Apache access logs
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 08-06-2004, 12:21 AM   #1
lawadm1
Member
 
Registered: Jul 2003
Location: Illinois
Distribution: Fedora 11, Ubuntu 9.04
Posts: 80

Rep: Reputation: 15
Apache access logs

Fedora C2
Apache
Linksys router connected to cable modem

I just recently setup my webserver, and allowed access to it thru the web. I was poking around in the logs, and I some messages like this:

"GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 297 "-" "-"

Is this someone trying to get to my XP machine thru the webserver on my Linux box?

Thanks
 
Old 08-06-2004, 01:04 AM   #2
Pete M
Member
 
Registered: Aug 2003
Location: UK
Distribution: Redhat 9 FC 3 SUSE 9.2 SUSE 9.3 Gentoo 2005.0 Debian Sid
Posts: 657

Rep: Reputation: 32
lawadm1

Check these threads

Here
http://www.linuxquestions.org/questi...TTPF1.0+400+97

Here
http://www.linuxquestions.org/questi...TTPF1.0+400+97

And here
http://www.linuxquestions.org/questi...TTPF1.0+400+97

Pete
 
Old 08-06-2004, 07:30 AM   #3
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Pete, those links are busted.......

lawadm1...Get used to seeing those. It isn't someone trying to get to your XP machine, but rather Code Red or one of the other IIS worms looking for idiots with unpatched microsoft webservers to infect. My logs are absolutely stiff with garbage like this. Odds are the person who owns the machine doesn't even know they are infected. Since it is looking for microsoft stuff, as long as you are running Apache, you are not vulnerable. Of course if you are running a publicly accessible web server, you should have your security in place and running.
 
Old 08-06-2004, 08:21 AM   #4
Pete M
Member
 
Registered: Aug 2003
Location: UK
Distribution: Redhat 9 FC 3 SUSE 9.2 SUSE 9.3 Gentoo 2005.0 Debian Sid
Posts: 657

Rep: Reputation: 32
Hangdog42

Links work fine for me in Firefox and IE ?

Pete
 
Old 08-06-2004, 10:20 AM   #5
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422Reputation: 422Reputation: 422Reputation: 422Reputation: 422
Hm. Might be a win2K thing? Or maybe my computer is just being funky since both Firefox and IE fail for me.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
About Apache Logs SiLiCoN Linux - Networking 1 05-26-2005 10:34 AM
Apache logs - ???Linux logs??? mylo2003 Linux - General 3 08-07-2003 04:49 PM
cvs : access and error logs chr15t0 Linux - Software 1 03-04-2003 05:32 AM
Apache access logs filsed Linux - Networking 1 03-26-2002 08:05 PM
Apache Access Logs Not Working Suddenly bajabluewater Linux - General 2 11-11-2001 03:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 10:46 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration