[aclug-L] Re: Hacker or ??

["Dale W Hodge" <dwh@xxxxxxxxxxxxxxxx>]

> -----Original Message-----
> From: discussion-bounce@xxxxxxxxx [mailto:discussion-bounce@xxxxxxxxx]On
> Behalf Of Maverick
>
>
> uh...seems the  answer is still unknown.. I think
> shutdown my webserver is the only solution at this
> point.
>
> Mav
> > > Is that someone try to access my
> > /var/www/scripts/?
> > > and my error.log generate something like this..
> > > Tue Sep 18 10:52:27 2001] [error] [client
> > > 24.234.20.197] File does not exist: /
> > > var/www/c/winnt/system32/cmd.exe
> > > [Tue Sep 18 10:52:28 2001] [error] [client
> > > 24.234.20.197] File does not exist: /
> > > var/www/d/winnt/system32/cmd.exe
> > > ....
> > >
> > > anyone have any idea? or did I set something
> > wrong?
> > > or really have a hacker knocking on my door?

It's just the latest code red variant trying to find MS IIS servers.  It doesn't
have any effect on Linux/Apache servers other than the extra traffic.  My normal
traffic shows around 400 hits a day, yesterday I logged 5300 hits and I'm at
2200 hits as of 1PM today. It's mostly a nuisance as far as I'm concerned.

--dwh

---
Dale W Hodge - dwh@xxxxxxxxxxxxxxxx
Secretary & Website Maintainer - info@xxxxxxxxx
Air Capital Linux User's Group  (ACLUG)
---

-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi