httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Gration <>
Subject Re: [users@httpd] new access_log messages
Date Thu, 02 Oct 2003 16:27:33 GMT
Staven Bruce wrote:
> I have a redhat 8.0 server running Apache. I just noticed these entries that
> have popped up in my access_log file and so I am trying to figure what
> exactly is happening. I 've included a snipet from my access_log file and
> "*"ed out the last octet of the ip addresses. Can someone tell me what
> /scripts/nsiislog.dll is? Or default.ida ?

They are attempts by infected IIS servers to propagate the infection. I 
think the default.ida one is called Nimda. There appears to be more than 
one worm attempting to get through though.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message