httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Zwink <dan...@zwink.de>
Subject Re: access log
Date Fri, 19 Apr 2002 08:54:36 GMT
Hi Robert,

> Hello, I've been hosting a tiny website from my home for the past week,
> as a temporary project, and I found the following in my access log:
> 
> "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 290
> "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 288
> [...]
> "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312
> "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312

*g* .. seems as if some viruses/worms try to connect to your server and
watch out for exploits in IIS from Microsoft - IMHO not really dangerous
if you run apache :-).
Unfortunately I don't know if you can protect your server from such
connections through a forewall.


Daniel
-- 
Als die Zeit erfüllt war, sandte Gott seinen Sohn,
geboren von einer Frau und unter das Gesetz getan,
damit er die, die unter dem Gesetz waren, erlöste,
damit wir die Kindschaft empfingen.
Galater 4,4-5

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message