Re: [suse-security] apache log

28 Jan 2002


      Thomas Neukirch wrote:
...
hi list,
a few month ago i changed my website from microsoft iis to linux/apache.
the following line is in the access_log (same like in iis-log):
213.168.123.157 - - [24/Jan/2002:20:47:25 +0100] "GET
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 294
can anyone explain me whats going on here ?
you can ignore that, it's a worm like nimda ... nothing interesting
for you.

-- 
intraDAT AG                     http://www.intradat.com
Wilhelm-Leuschner-Strasse 7         Tel: +49 69-25629-0
D - 60329 Frankfurt am Main       Fax: +49 69-25629-256
         Junk mail is war. RFCs do not apply.

Re: [suse-security] apache log

Sven Michels