[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] access log weird stuff. hacker or virus

Subject: Re: [cobalt-users] access log weird stuff. hacker or virus
From: "Gerald Waugh" <gerald@xxxxxxxxx>
Date: Thu Sep 27 15:36:52 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

>  tail access
> www.florida-wireless.com 208.62.153.5 - - [28/Sep/2001:00:30:17 -0400] "GET
/_me
> m_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0"
302
> 280 "-" "-"

Which rock have you been living under? <smile>
It's MS IIS exploits, Nimda for one
The worst it will do is fill your log files up!
It raises holy-hell with Microsoft Networks though.
One of my clients has a local network, 4 servers and 120 work stations
and they still don't have them fixed, although they claim they had MS patches.
Go figure, Thank God and Linus for Linux.

Gerald

References:
- [cobalt-users] access log weird stuff. hacker or virus
  - From: brain_damaged

Prev by Date: Re: [cobalt-users] what does this all mean ?
Next by Date: Re: [cobalt-users] access log weird stuff. hacker or virus
Previous by thread: RE: [cobalt-users] access log weird stuff. hacker or virus
Next by thread: Re: [cobalt-users] access log weird stuff. hacker or virus

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index