Home | Community | Message Board


Kraken Kratom
Please support our sponsors.

General Interest >> Science and Technology

Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Jump to first unread post. Pages: 1
InvisibleHefex78
Stranger
Registered: 05/12/03
Posts: 251
*DELETED*
    #2035541 - 10/23/03 10:42 AM (13 years, 4 months ago)

Post deleted. Reason for deletion: Confidential.


Edited by Wa7sum (10/03/07 11:19 AM)


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineSeussA
Error: divide byzero

Folding@home Statistics
Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 1 month, 20 days
Re: URGENT - Suspicious Log Files [Re: Hefex78]
    #2035569 - 10/23/03 11:00 AM (13 years, 4 months ago)

Looks like a code red scan... digging... actually, there is more there than just code red... looks like somebody is scanning for many different holes.

> I'm quite positive it's showing someone is accessing my cmd.exe prompt.

The logs are showing the request somebody is making, not what your web server is servering.

Are you running on windows or unix? If unix, you have nothing to worry about from these scans. If windows, I cannot help much other than to recommend upgrading to one of the free unix flavours for a server. In either case ensure that your patches are up to date.


--------------------
Just another spore in the wind.


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineMetaShroom
菌类
 User Gallery

Registered: 06/02/02
Posts: 1,462
Loc: East Anglia UK
Last seen: 9 years, 8 months
Re: URGENT - Suspicious Log Files [Re: Seuss]
    #2035705 - 10/23/03 12:11 PM (13 years, 4 months ago)

All web server logs I have seen are full of that shit - mostly lame scanners looking for lame Windows exploits, nothing to worry about unless your site is hosted on NT4 or something.


--------------------
:sleepingcow:  :penguinmonkey: :blah:

JOIN MAPS -> www.MAPS.ORG


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinewindex
old hand
Registered: 06/27/01
Posts: 1,293
Last seen: 2 years, 8 months
Re: URGENT - Suspicious Log Files [Re: MetaShroom]
    #2036449 - 10/23/03 03:45 PM (13 years, 4 months ago)

>your site is hosted on NT4 or something.

try any version of windows...


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineMetaShroom
菌类
 User Gallery

Registered: 06/02/02
Posts: 1,462
Loc: East Anglia UK
Last seen: 9 years, 8 months
Re: URGENT - Suspicious Log Files [Re: windex]
    #2036752 - 10/23/03 05:37 PM (13 years, 4 months ago)

Quote:

windex said:

try any version of windows...




I'm running an IIS w2k server at home and it's never been affected by any of that (the logs are full of it though). I only patch it half-heartedly so those exploits must be quite oldskool.


--------------------
:sleepingcow:  :penguinmonkey: :blah:

JOIN MAPS -> www.MAPS.ORG


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinewindex
old hand
Registered: 06/27/01
Posts: 1,293
Last seen: 2 years, 8 months
Re: URGENT - Suspicious Log Files [Re: MetaShroom]
    #2038419 - 10/24/03 01:02 AM (13 years, 4 months ago)

>I'm running an IIS w2k server

offtopic but funny nonetheless, i came up with this one night while having a drunken conversation about webservers:

I'd rather manually type out each request then leave it up to IIS!
--

But anyway, an up-to-date box shouldnt be suspectible to these scritped attacks, but every sucurity bulitin released almost always lists every operating system they still support, and is removed once it reached EOL fixed or not.

I have to laugh when I read the apache logs and see this garbage, youd think they would do a check to see if its a windows os first, then go through each little variation. yes the os and server can be masked, but many if not most sites don't.


Post Extras: Print Post  Remind Me! Notify Moderator
Jump to top. Pages: 1

General Interest >> Science and Technology

Similar ThreadsPosterViewsRepliesLast post
* Getting a server hosted..
ShroomismM
1,177 11 08/07/03 11:26 AM
by Seuss
* Thinking about freebsd for server *DELETED* T0aD 755 9 07/14/04 01:50 PM
by Barbi
* ThePirateBay.org Raided - Servers Seized YthanA 1,215 12 06/04/06 03:17 AM
by funnybunny
* my warcraft thread deleted? T0aD 644 5 05/09/04 01:18 PM
by baraka
* On a campus server and I'd like to learn stuff :-) entiformatie 540 5 10/02/04 05:38 PM
by Geezer
* deleting ht.access files thru ftp ChromeCrow 877 4 07/14/05 05:51 PM
by delta9
* how to set up a private proxy server on my linux server? OJK 3,748 9 02/13/07 07:34 PM
by robbyberto
* Running two game servers at same time? zorbman 406 1 03/14/08 06:13 AM
by Seuss

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: Lana, trendal, Diploid, automan
774 topic views. 0 members, 2 guests and 0 web crawlers are browsing this forum.
[ Toggle Favorite | Print Topic | Stats ]
Search this thread:

Please support our sponsors.

Copyright 1997-2017 Mind Media. Some rights reserved.

Generated in 0.035 seconds spending 0.005 seconds on 14 queries.