avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Berin Loritsch <blorit...@apache.org>
Subject Re: don't bother google ;) funny...
Date Thu, 28 Feb 2002 15:57:04 GMT
Emperor wrote:
> Hmm.... Here is the log

Sorry to dissapoint you, that is a standard bot that scours anything
that can be resolved.  My guess is for vulnerable systems.  It is quite
interesting as those types of requests will only work on IIS/NT based
systems.

I received a number of requests like that when I was helping a company
migrate their webapp from three machines to one.  (Can I give you a
hint: never put full address resolution if you expect to move an app
later).

> 
> I tested my async this afternoon by connecting to www.google.de and
> sending a standart request (on both port 80 and 5485 - to test correct
> and incorrect requests). Due to typos my first request strings weren't
> correct. I had a serversocket running on port 80, too. After a while...
> I began to get suspicious request on my serversocket ;) like those one:
> 
> connection to 217.81.232.195:2302 received "GET /MSADC/root.exe?/c+dir
> HTTP/1.0 connection to 217.81.232.195:2441 received "GET
> /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0 connection to
> 217.81.232.195:2568 received "GET /d/winnt/system32/cmd.exe?/c+dir
> HTTP/1.0 connection to 217.81.232.195:2954 received "GET
> /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
> HTTP/1.0
> 
> Pretty funny... as my server didn't answer to requests ;) I think there
> was someone @ google trying to find out who I am ;) I tried a reverse
> hostname lookup but didn't give interesting results ;)
> 
> Look at the log ;) pretty cool.
> 
> Nils
> 
> 
> ------------------------------------------------------------------------
> 
> --
> To unsubscribe, e-mail:   <mailto:avalon-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:avalon-dev-help@jakarta.apache.org>
> 



-- 

"They that give up essential liberty to obtain a little temporary safety
  deserve neither liberty nor safety."
                 - Benjamin Franklin


--
To unsubscribe, e-mail:   <mailto:avalon-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-dev-help@jakarta.apache.org>


Mime
View raw message