Date: Fri, 22 Feb 2002 10:44:34 -0500 From: freymann@scaryg.shacknet.nu To: Jim Freeze <jfreeze@freebsdportal.com>, freebsd-questions@freebsd.org Subject: Re: Script Kiddies Trying to Hack Me? Message-ID: <3C762112.26179.65CEBA@localhost> In-Reply-To: <20020222102602.A14033@freebsdportal.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 22 Feb 2002 at 10:26, Jim Freeze wrote: > I was just browsing my log files on a site/ip address that has > been live less than 12 hrs and came across: > > 63.219.136.226 - - [22/Feb/2002:09:29:18 -0500] "GET > /scripts/root.exe?/c+dir HTTP/1.0" 404 285 63.219.136.226 - - > [22/Feb/2002:09:29:18 -0500] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 Nimba. Read this url: http://www.sarc.com/avcenter/venc/data/w32.nimda.a@mm.html Nothing to worry 'bout on Unix platforms, it's strictly a Microsoft IIS exploit. There are some neat modules you can load into Apache that will automatically respond and email the admins of the remote systems. Go to cpan.org and search for Apache::CodeRed and Apache::Nimba if you want to do that. Gerry -------- Web hosting / Domain Hosting / Dns Services Come visit us at www.interpool.ca -------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C762112.26179.65CEBA>