[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: under attack ?
- To: Ishai Parasol <ishai-iglu(at-nospam)parasol.org.il>
- Subject: Re: under attack ?
- From: "Nadav Har'El" <nyh(at-nospam)math.technion.ac.il>
- Date: Wed, 19 Sep 2001 21:21:28 +0300
- Cc: Linux - IL Mailing List <linux-il(at-nospam)linux.org.il>
- Delivered-To: linux.org.il-linux-il@linux.org.il
- Hebrew-Date: 3 Tishri 5762
- In-Reply-To: <000d01c1413c$cfd26580$0201a8c0@parasol>; from ishai-iglu@parasol.org.il on Wed, Sep 19, 2001 at 08:56:33PM +0200
- References: <000d01c1413c$cfd26580$0201a8c0@parasol>
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
- User-Agent: Mutt/1.2i
On Wed, Sep 19, 2001, Ishai Parasol wrote about "under attack ?":
> Hi
>
> my apache logs gives me tons of this crap:
>
> 212.29.230.44 - - [19/Sep/2001:20:38:12 +0300] "GET /scripts/root.exe?/c+dir
> HTTP/1.0" 404 285 "-" "-"
> 212.29.230.44 - - [19/Sep/2001:20:38:26 +0300] "GET /MSADC/root.exe?/c+dir
> HTTP/1.0" 404 283 "-" "-"
> 212.29.230.44 - - [19/Sep/2001:20:38:31 +0300] "GET
> /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293 "-" "-"
Probably the new "nimda" worm, discovered yesterday.
See for example
http://www.sophos.com/virusinfo/analyses/w32nimdaa.html
--
Nadav Har'El | Wednesday, Sep 19 2001, 3 Tishri 5762
nyh@math.technion.ac.il |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |Life is what happens to you while you're
http://nadav.harel.org.il |busy making other plans. - John Lennon
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il