httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Gration <rich...@zync.co.uk>
Subject Re: [users@httpd] new access_log messages
Date Thu, 02 Oct 2003 16:27:33 GMT
Staven Bruce wrote:
> I have a redhat 8.0 server running Apache. I just noticed these entries that
> have popped up in my access_log file and so I am trying to figure what
> exactly is happening. I 've included a snipet from my access_log file and
> "*"ed out the last octet of the ip addresses. Can someone tell me what
> /scripts/nsiislog.dll is? Or default.ida ?

They are attempts by infected IIS servers to propagate the infection. I 
think the default.ida one is called Nimda. There appears to be more than 
one worm attempting to get through though.

Rick


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message