[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: under attack ?



On Wed, Sep 19, 2001, Ishai Parasol wrote about "under attack ?":
> Hi
> 
> my apache logs gives me tons of this crap:
> 
> 212.29.230.44 - - [19/Sep/2001:20:38:12 +0300] "GET /scripts/root.exe?/c+dir
> HTTP/1.0" 404 285 "-" "-"
> 212.29.230.44 - - [19/Sep/2001:20:38:26 +0300] "GET /MSADC/root.exe?/c+dir
> HTTP/1.0" 404 283 "-" "-"
> 212.29.230.44 - - [19/Sep/2001:20:38:31 +0300] "GET
> /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 293 "-" "-"

Probably the new "nimda" worm, discovered yesterday.

See for example
	http://www.sophos.com/virusinfo/analyses/w32nimdaa.html


-- 
Nadav Har'El                        |    Wednesday, Sep 19 2001, 3 Tishri 5762
nyh@math.technion.ac.il             |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |Life is what happens to you while you're
http://nadav.harel.org.il           |busy making other plans. - John Lennon

=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il