httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "DownUnder Dan" <da...@image.dk>
Subject Straneg access log entries - hacker??
Date Wed, 10 Apr 2002 13:01:06 GMT
HI ALL! I downloaded Apache 1.3.22 for win2k and have just installed it. 
I am a read newbie at this.

I just had a look at the access log and I noticed these entries that cause me to worry a little:
80.62.91.126 - - [10/Apr/2002:13:27:35 +0200] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 288
80.62.91.126 - - [10/Apr/2002:13:27:43 +0200] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
404 298
80.62.91.126 - - [10/Apr/2002:13:27:50 +0200] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
404 298
80.62.91.126 - - [10/Apr/2002:13:27:57 +0200] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir
HTTP/1.0" 404 312
80.62.91.126 - - [10/Apr/2002:13:28:05 +0200] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
HTTP/1.0" 404 329
80.62.91.126 - - [10/Apr/2002:13:28:12 +0200] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
HTTP/1.0" 404 329

A normal entry looks like this:
62.199.0.4 - - [10/Apr/2002:13:27:19 +0200] "GET /icons/blank.gif HTTP/1.1" 200 148

Can anyone shed light on this?  It someone trying to hack into my computer or is there some
explaination for these entries?

REGARDS!
Dan



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message