cron log?
Knute Johnson
knute at frazmtn.com
Mon May 9 00:16:58 UTC 2005
Alexander:
Thanks again and mostly for pointing out that I could search for that
garbage on Google. It never occurred to me but it comes it with all
sorts of info.
Do you put those addresses in your hosts.deny file or once they have
been there and gotten nothing they don't come back?
Thanks,
knute...
>Am Mo, den 09.05.2005 schrieb Knute Johnson um 1:32:
>
>> Here is my access_log. Does it look like somebody is trying to
>> execute a program?
>
>> knute...
>>
>> [root at ljr-2 httpd]# cat access_log
>> 66.157.28.95 - - [08/May/2005:14:05:06 -0700] "GET /..%255c..%
>> 255cwinnt/system32/cmd.exe?/c+dir+c: HTTP/1.1" 404 362 "-"
>> "Mozilla/3.0
>
>google would have quickly given you an answer, like:
>
>http://www.serverautomationtools.com/webcgi/webbatch.exe?techsupt/tsle
>ft.web+MS-Security-Virus-Hacks-links+Do-your-logfiles-contain-this.htm
>l
>
>Alexander
>
>
>--
>Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
>legal statement: http://www.uni-x.org/legal.html Fedora Core 2
>GNU/Linux on Athlon with kernel 2.6.11-1.14_FC2smp Serendipity
>01:37:18 up 6:08, 18 users, 0.83, 0.78, 0.55
>
--
Knute Johnson
Molon Labe...
More information about the fedora-list
mailing list