為什么總是有人在做怪!

阿正

以下我的apache的log
但是，覺得蠻怪的是我是用linux redhat7.3的確出現有cmd.exe我又沒這個檔@@

[Sat Jun 22 21:34:12 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/scripts/root.exe
[Sat Jun 22 21:34:16 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/MSADC/root.exe
[Sat Jun 22 21:34:19 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/c/winnt/system32/cmd.exe
[Sat Jun 22 21:34:22 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/d/winnt/system32/cmd.exe
[Sat Jun 22 21:34:25 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/scripts/..%5c../winnt/system32/cmd.exe
[Sat Jun 22 21:34:28 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sat Jun 22 21:34:31 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sat Jun 22 21:34:34 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/msadc/..%5c../..%5c../..%5c/..? ../..? ../..? ../winnt/system32/cmd.exe
[Sat Jun 22 21:34:37 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/scripts/..? ../winnt/system32/cmd.exe
[Sat Jun 22 21:34:43 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/scripts/..嶸../winnt/system32/cmd.exe
[Sat Jun 22 21:34:46 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/scripts/..../winnt/system32/cmd.exe
[Sat Jun 22 21:34:55 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/scripts/..%5c../winnt/system32/cmd.exe
[Sat Jun 22 21:34:58 2002] [error] [client 61.157.94.132] File does not exist: /var/www/html/scripts/..%2f../winnt/system32/cmd.exe
[Sat Jun 22 21:41:47 2002] [error] [client 61.225.110.98] File does not exist: /var/www/html/env.cgi
[Sat Jun 22 22:06:35 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/scripts/root.exe
[Sat Jun 22 22:06:35 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/MSADC/root.exe
[Sat Jun 22 22:06:35 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/c/winnt/system32/cmd.exe
[Sat Jun 22 22:06:36 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/d/winnt/system32/cmd.exe
[Sat Jun 22 22:06:36 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/scripts/..%5c../winnt/system32/cmd.exe
[Sat Jun 22 22:06:36 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sat Jun 22 22:06:37 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
[Sat Jun 22 22:06:37 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/msadc/..%5c../..%5c../..%5c/..? ../..? ../..? ../winnt/system32/cmd.exe
[Sat Jun 22 22:06:37 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/scripts/..? ../winnt/system32/cmd.exe
[Sat Jun 22 22:06:38 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/scripts/..嶸../winnt/system32/cmd.exe
[Sat Jun 22 22:06:38 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/scripts/..../winnt/system32/cmd.exe
[Sat Jun 22 22:06:39 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/scripts/..%5c../winnt/system32/cmd.exe
[Sat Jun 22 22:06:40 2002] [error] [client 61.32.105.219] File does not exist: /var/www/html/scripts/..%2f../winnt/system32/cmd.exe

阿土

那是病毒試著要攻擊 WEB SERVER , 攻擊的目標不是 Linux or BSD

看那幾行 LOG , 就知道是要攻擊 Windows 下的 IIS SERVER , 可能是 Nimda 病毒

阿正

嘿嘿.....找我沒用

QQ"我不是IIS的

on-18

之前也常常發生這種情況....
還一天來3次.照三餐來>.<....

LJI

就是有人這麼無聊.....家裡面也用APACHE架了站....只是方便朋友看圖檔
剛剛去看了一下LOG........果然也有人要攻擊我的電腦.....真是夠了..><

jiannhua

我學校的WebServer使用Win2000中了Nimda，一天到晚沒事就亂搞，所以我的Apache紀錄檔也有一大堆這樣的紀錄，告訴學校網頁主機的負責人，他說我胡說，叫我不要亂講話！唉，上面明明有IP，就是因為這樣學校的電腦我才不想管！可是這樣一來校長、主任又說我不配合，真想有一天要搞死校園網路，反正以他們的程度一定抓不到證據，問題是：他們要怪罪於人似乎不必講證據！真是!@#$%^^

mus000

中了 Nimda 的機器，只要不解毒完成，就會繼續一直在攻擊別人。
不是有人太無聊，是有網管太懶散，主機中毒的都不知道 ......
比較火大時，就給它玩回去，砍它檔案 ....

阿土校長兼撞鐘	那是病毒試著要攻擊 WEB SERVER , 攻擊的目標不是 Linux or BSD 看那幾行 LOG , 就知道是要攻擊 Windows 下的 IIS SERVER , 可能是 Nimda 病毒
	回覆

on-18 會員	之前也常常發生這種情況.... 還一天來3次.照三餐來>.<....
	回覆

LJI 北海道的熊	就是有人這麼無聊.....家裡面也用APACHE架了站....只是方便朋友看圖檔剛剛去看了一下LOG........果然也有人要攻擊我的電腦.....真是夠了..><
	回覆

mus000 會員	中了 Nimda 的機器，只要不解毒完成，就會繼續一直在攻擊別人。不是有人太無聊，是有網管太懶散，主機中毒的都不知道 ...... 比較火大時，就給它玩回去，砍它檔案 ....
	回覆