[aclug-L] Hacker or ??

[Maverick <mluvw47@xxxxxxxxx>]

Hi, all
 Recently I check on my apache webserver access.log
and find out a lot of entrie like this:
24.254.90.73 - - [18/Sep/2001:10:44:38 -0700] "GET
/scripts/..%c0%af../winnt/sys
tem32/cmd.exe?/c+dir HTTP/1.0" 404 231
24.254.90.73 - - [18/Sep/2001:10:44:39 -0700] "GET
/scripts/..%%35%63../winnt/sy
stem32/cmd.exe?/c+dir HTTP/1.0" 400 215
24.254.90.73 - - [18/Sep/2001:10:44:41 -0700] "GET
/scripts/..%%35c../winnt/syst
em32/cmd.exe?/c+dir HTTP/1.0" 400 215
24.254.90.73 - - [18/Sep/2001:10:44:43 -0700] "GET
/scripts/..%c1%9c../winnt/sys
tem32/cmd.exe?/c+dir HTTP/1.0" 404 231
.....

Is that someone try to access my /var/www/scripts/?
and my error.log generate something like this..
Tue Sep 18 10:52:27 2001] [error] [client
24.234.20.197] File does not exist: /
var/www/c/winnt/system32/cmd.exe
[Tue Sep 18 10:52:28 2001] [error] [client
24.234.20.197] File does not exist: /
var/www/d/winnt/system32/cmd.exe
....

anyone have any idea? or did I set something wrong?
or really have a hacker knocking on my door?

Thanks.
Mav

__________________________________________________
Terrorist Attacks on U.S. - How can you help?
Donate cash, emergency relief information
http://dailynews.yahoo.com/fc/US/Emergency_Information/
-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi