Re: How will i block this kind of request

From: Gokul (gpoduval_at_starhub.com.sg)
Date: 09/07/03

Next message: Security Alert: "SSRT3620 Potential security vulnerability B.11.11 DCE (rev.1)"
Previous message: Matt Blaze: "USENIX Secuirty '04 Call for Papers"
In reply to: Sundaram Ramasamy: "How will i block this kind of request"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 7 Sep 2003 13:31:54 +0800

if you want to save web server bandwidth and memory, create a 0 byte
default.ida at the / folder

-- 
Gokul
http://pod.homelinux.net
"Sundaram Ramasamy" <sundaram@percipia.com> wrote in message
news:3d52eb23.0309050534.215a454@posting.google.com...
> Hi,
>
> I am getting this kind of log message on my web server log. How will i
> block this kind of request.
>
> Thanks
>
> 64.140.34.130 - - [04/Sep/2003:16:51:28 -0400] "GET
> /default.ida?XXXXXXXXXXXXXXX
>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX
>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX
>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9
090%
>
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b0
0%u5
> 31b%u53ff%u0078%u0000%u00=a  HTTP/1.0" 404 284
> 64.140.34.130 - - [04/Sep/2003:18:41:50 -0400] "GET
> /default.ida?XXXXXXXXXXXXXXX
>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX
>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXX
>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9
090%
>
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b0
0%u5
> 31b%u53ff%u0078%u0000%u00=a  HTTP/1.0" 404 284
> 62.49.40.122 - - [04/Sep/2003:18:47:20 -0400] "GET
> /scripts/..%255c%255c../winnt
> /system32/cmd.exe?/c+dir" 404 314
> 162.40.122.24 - - [05/Sep/2003:00:35:19 -0400] "GET
> /scripts/nsiislog.dll" 404 2
> 93

Next message: Security Alert: "SSRT3620 Potential security vulnerability B.11.11 DCE (rev.1)"
Previous message: Matt Blaze: "USENIX Secuirty '04 Call for Papers"
In reply to: Sundaram Ramasamy: "How will i block this kind of request"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Cant Create or Open Projects After HTTPS Convert
... I created a share on the web server drive, ... Created a folder inside the share, we'll refer to it as ... >The powers that be switched our web server from http to ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: to access nt auth. required folders
... single user accessing the folder that needs higher security? ... against the folder. ... >If you use a custom authentication format, ... >LogonUser does not work on the web server because the ...
(microsoft.public.inetserver.iis.security)
Re: running winform exe from the web
... The folder is set up to be trusted, and I have a winforms application ... open the config file directly in the browser, ... I haven't done anything in particular with the web server or the folder, ... >> I even don't see the MyObject in the GAC directory. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Can index.htm be used same as index.html
... page" message as my folder has htm not html as the index file ... "It depends on the Web Server & how it's been Set". ... is given when no FileName is specified. ... ah now they are as index.HTM, that is the ones that are with the htm ...
(uk.people.silversurfers)
Re: Can index.htm be used same as index.html
... page" message as my folder has htm not html as the index file ... "It depends on the Web Server & how it's been Set". ... is given when no FileName is specified. ... ah now they are as index.HTM, that is the ones that are with the htm ...
(uk.people.silversurfers)