Attack
From: Ranjan (ranjan_babu_g_at_hotmail.com)
Date: 09/16/03
- Next message: Wei-Dong Xu [MSFT]: "RE: Access Denied Error"
- Previous message: Scott Wilhelm: "Re: Password Lookup Script/Page"
- Next in thread: Karl Levinson [x y] mvp: "Re: Attack"
- Reply: Karl Levinson [x y] mvp: "Re: Attack"
- Reply: Jeff Cochran: "Re: Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 16 Sep 2003 07:07:39 -0700
I feel some attack going on in my server.
How can i know attack happen to my iis server other than
logs of IIS.Pls find the logs in w3svc1 .
we given natting to the iis server.Any way make the server
secure form outside world other than firewall .
Can i go for ipsec .Pls give your suggestion to secure my
server .Anybody Help me!
Regards
Ranjan
Pls find the logs in w3svc1
-----------------------------
Logs
---------
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2003-09-14 00:02:39
#Fields: date time c-ip cs-username s-ip s-port cs-method
cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2003-09-14 00:02:39 68.90.72.52 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:02:41 68.90.72.52 - 10.91.2.15 80 SEARCH / -
401 -
2003-09-14 00:02:55 68.86.143.83 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:02:55 68.86.143.83 - 10.91.2.15 80 SEARCH / -
401 -
2003-09-14 00:02:59 24.160.147.166 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:02:59 24.160.147.166 - 10.91.2.15 80
SEARCH / - 401 -
2003-09-14 00:03:03 4.4.104.163 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:03:04 4.4.104.163 - 10.91.2.15 80 SEARCH / -
401 -
2003-09-14 00:03:07 220.108.100.105 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:03:07 220.108.100.105 - 10.91.2.15 80
SEARCH / - 401 -
2003-09-14 00:03:45 69.133.2.104 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:03:46 69.133.2.104 - 10.91.2.15 80 SEARCH / -
401 -
2003-09-14 00:04:03 64.33.205.174 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:04:04 64.33.205.174 - 10.91.2.15 80
SEARCH / - 401 -
2003-09-14 00:05:19 65.64.93.69 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:05:24 216.139.181.70 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:05:27 216.139.181.70 - 10.91.2.15 80
SEARCH / - 401 -
2003-09-14 00:06:05 4.62.15.42 - 10.91.2.15 80 GET / - 401
Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:06:06 4.62.15.42 - 10.91.2.15 80 SEARCH / -
401 -
2003-09-14 00:06:41 149.142.180.187 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:06:41 149.142.180.187 - 10.91.2.15 80
SEARCH / - 401 -
2003-09-14 00:07:30 24.157.238.128 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:08:09 172.167.1.83 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.5;+Windows+98)
2003-09-14 00:08:13 172.167.1.83 - 10.91.2.15 80 SEARCH / -
401 -
2003-09-14 00:09:24 211.132.109.241 - 10.91.2.15 80 GET / -
401 Mozilla/4.0+(compatible;+MSIE+5.
- Next message: Wei-Dong Xu [MSFT]: "RE: Access Denied Error"
- Previous message: Scott Wilhelm: "Re: Password Lookup Script/Page"
- Next in thread: Karl Levinson [x y] mvp: "Re: Attack"
- Reply: Karl Levinson [x y] mvp: "Re: Attack"
- Reply: Jeff Cochran: "Re: Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
