Interesting Apache logs
From: Brian A Crawford (brianc@billybob.demon.co.uk)Date: 03/24/02
- Next message: Ivan Kelly: "Re: Interesting Apache logs"
- Previous message: leonardo: "hint on software for an exam.."
- Next in thread: Ivan Kelly: "Re: Interesting Apache logs"
- Reply: Ivan Kelly: "Re: Interesting Apache logs"
- Reply: Elaine Ransome: "Re: Interesting Apache logs"
- Reply: Clark: "Re: Interesting Apache logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: brianc@billybob.demon.co.uk (Brian A Crawford) Date: Sun, 24 Mar 2002 18:01:00 GMT
I have included a small series of Apache logs that are quite
interesting.
Can someone point me to a site where I can learn the full details of
what the attacker was trying to achieve.
I run Apache on Linux. It seems they were scanning for a windows
vunerability -- to infect with a worm?
Thanks in advance
Brian C.
------------------------------------------------------------------------------------------------------------------------------------
[Sun Jan 27 18:58:37 2002] [error] [client xxx.222.73.218] File does
not exist: /var/www/htdocs/scripts/root.exe
[Sun Jan 27 18:58:47 2002] [error] [client xxx.222.73.218] File does
not exist: /var/www/htdocs/MSADC/root.exe
[Sun Jan 27 18:59:02 2002] [error] [client xxx.222.73.218] File does
not exist: /var/www/htdocs/c/winnt/system32/cmd.exe
[Sun Jan 27 19:00:42 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/root.exe
[Sun Jan 27 19:00:46 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/MSADC/root.exe
[Sun Jan 27 19:00:48 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/c/winnt/system32/cmd.exe
[Sun Jan 27 19:00:49 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/d/winnt/system32/cmd.exe
[Sun Jan 27 19:01:00 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/..%5c../winnt/system32/cmd.exe
[Sun Jan 27 19:01:01 2002] [error] [client xxx.222.123.236] File does
not exist:
/var/www/htdocs/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sun Jan 27 19:53:04 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/root.exe
[Sun Jan 27 19:53:05 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/MSADC/root.exe
[Sun Jan 27 19:53:07 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/c/winnt/system32/cmd.exe
[Sun Jan 27 19:53:09 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/d/winnt/system32/cmd.exe
[Sun Jan 27 19:53:14 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/..%5c../winnt/system32/cmd.exe
[Sun Jan 27 19:53:15 2002] [error] [client xxx.222.123.236] File does
not exist:
/var/www/htdocs/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sun Jan 27 19:53:15 2002] [error] [client xxx.222.123.236] File does
not exist:
/var/www/htdocs/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sun Jan 27 19:53:17 2002] [error] [client xxx.222.123.236] File does
not exist:
/var/www/htdocs/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe
[Sun Jan 27 19:53:19 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/..Á../winnt/system32/cmd.exe
[Sun Jan 27 19:53:21 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/..À¯../winnt/system32/cmd.exe
[Sun Jan 27 19:53:25 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/..Á../winnt/system32/cmd.exe
[Sun Jan 27 19:53:28 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/..%5c../winnt/system32/cmd.exe
[Sun Jan 27 19:53:29 2002] [error] [client xxx.222.123.236] File does
not exist: /var/www/htdocs/scripts/..%2f../winnt/system32/cmd.exe
-------------------------------------------------------------------------------------------------------------------------------------
[Sat Feb 9 20:52:58 2002] [error] [client BBB.160.15.29] Client sent
malformed Host header
-------------------------------------------------------------------------------------------------------------------------------------
[Sun Mar 3 20:49:51 2002] [crit] (98)Address already in use:
make_sock: could not bind to port 80
[Sun Mar 3 21:20:28 2002] [error] [client xxx.222.6.196] File does
not exist: /var/www/htdocs/scripts/root.exe
[Sun Mar 3 21:20:36 2002] [error] [client xxx.222.6.196] File does
not exist: /var/www/htdocs/MSADC/root.exe
[Sun Mar 3 21:20:44 2002] [error] [client xxx.222.6.196] File does
not exist: /var/www/htdocs/c/winnt/system32/cmd.exe
[Sun Mar 3 21:20:51 2002] [error] [client xxx.222.6.196] File does
not exist: /var/www/htdocs/d/winnt/system32/cmd.exe
[Sun Mar 3 21:21:00 2002] [error] [client xxx.222.6.196] File does
not exist: /var/www/htdocs/scripts/..%5c../winnt/system32/cmd.exe
[Sun Mar 3 21:21:07 2002] [error] [client xxx.222.6.196] File does
not exist:
/var/www/htdocs/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sun Mar 3 21:21:15 2002] [error] [client xxx.222.6.196] File does
not exist:
/var/www/htdocs/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sun Mar 3 21:21:25 2002] [error] [client xxx.222.6.196] File does
not exist:
/var/www/htdocs/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe
-------------------------------------------------------------------------------------------------------------------------------------
- Next message: Ivan Kelly: "Re: Interesting Apache logs"
- Previous message: leonardo: "hint on software for an exam.."
- Next in thread: Ivan Kelly: "Re: Interesting Apache logs"
- Reply: Ivan Kelly: "Re: Interesting Apache logs"
- Reply: Elaine Ransome: "Re: Interesting Apache logs"
- Reply: Clark: "Re: Interesting Apache logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
