httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Dessent <br...@dessent.net>
Subject Re: [users@httpd] new access_log messages
Date Fri, 03 Oct 2003 00:28:37 GMT
Staven Bruce wrote:
> 
> I have a redhat 8.0 server running Apache. I just noticed these entries that
> have popped up in my access_log file and so I am trying to figure what
> exactly is happening. I 've included a snipet from my access_log file and
> "*"ed out the last octet of the ip addresses. Can someone tell me what
> /scripts/nsiislog.dll is? Or default.ida ?
> Any info is welcomed!

The ones referencing default.ida, nsiislog.dll, cmd.exe, vti_bin, etc.
are all looking for IIS vulnerabilities.  You can just ignore them as
Apache is 100% immune.  Most are other infected machines trying to
spread, not necessarily someone trying to crack your server
specifically.

The ones requesting robots.txt are web spiders.  In the example you
gave, Inktomi, Google, and Teoma were trying to index your site.  These
are all benign and well-behaived things, and indeed if you want them to
visit your site if you have anything that you want others to see.  If
you don't know about robots.txt, read about it here:
http://www.robotstxt.org

Brian

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message