| 會員  | 【求助】被入侵的問題... 請問各位先進... 下面的 log 是不是有人要入侵我的電腦丫? (這只是單純的一小部份,唯一從台灣出來的... 其他大陸、韓國、新加坡、LA... 捉到也沒用就不列出來了... >.< ) 2003-04-30 15:01:51 61.56.135.173 - W3SVC1 GET /scripts/root.exe 404 2003-04-30 15:01:53 61.56.135.173 - W3SVC1 GET /MSADC/root.exe 404 2003-04-30 15:01:57 61.56.135.173 - W3SVC1 GET /c/winnt/system32/cmd.exe 404 2003-04-30 15:01:58 61.56.135.173 - W3SVC1 GET /d/winnt/system32/cmd.exe 404 2003-04-30 15:02:00 61.56.135.173 - W3SVC1 GET /scripts/..%5c../winnt/system32/cmd.exe 404 2003-04-30 15:02:04 61.56.135.173 - W3SVC1 GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe 404 2003-04-30 15:02:06 61.56.135.173 - W3SVC1 GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe 404 2003-04-30 15:02:10 61.56.135.173 - W3SVC1 GET /msadc/..%5c../..%5c../..%5c/..?../..?../..?../winnt/system32/cmd.exe 404 2003-04-30 15:02:12 61.56.135.173 - W3SVC1 GET /scripts/..?../winnt/system32/cmd.exe 404 2003-04-30 15:02:13 61.56.135.173 - W3SVC1 GET /scripts/..?../winnt/system32/cmd.exe 404 2003-04-30 15:02:18 61.56.135.173 - W3SVC1 GET /winnt/system32/cmd.exe 404 2003-04-30 15:02:22 61.56.135.173 - W3SVC1 GET /winnt/system32/cmd.exe 404 2003-04-30 15:02:27 61.56.135.173 - W3SVC1 GET /scripts/..%5c../winnt/system32/cmd.exe 404 2003-04-30 15:02:31 61.56.135.173 - W3SVC1 GET /scripts/..%5c../winnt/system32/cmd.exe 404 2003-04-30 15:02:36 61.56.135.173 - W3SVC1 GET /scripts/..%5c../winnt/system32/cmd.exe 404 2003-04-30 15:02:37 61.56.135.173 - W3SVC1 GET /scripts/..%2f../winnt/system32/cmd.exe 404 又,這是不是用流光來用的呢? 還有就是,似乎都是以捉 cmd.exe 這個檔為主, 如果把 cmd.exe 改個名字是不是就比較不會被入侵成功呢? 最後、(不好意思,在下問題很多...  )如果我想要檔 IP 的話該怎麼做呢? (我有試過用 IP 分享器埵陪虒T止的設定,不過卻檔不下來... ) 謝謝! |
| 回覆 |
| 解決郵件問題會員  | IIS要注意更新 就比較~~~~~不會有事發生 |
| 回覆 |
| 喜歡雨天  | 我的也一樣說,但是我是架APPSERV 不知道該怎麼檔!! 只好勤備份囉 [Thu May 15 06:45:55 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/scripts/root.exe [Thu May 15 06:45:56 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/msadc/root.exe [Thu May 15 06:45:57 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/c/winnt/system32/cmd.exe [Thu May 15 06:45:58 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/d/winnt/system32/cmd.exe [Thu May 15 06:45:59 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/scripts/..%5c/winnt/system32/cmd.exe [Thu May 15 06:46:00 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/_vti_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe [Thu May 15 06:46:01 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/_mem_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe [Thu May 15 06:46:02 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/msadc/..%5c/..%5c/..%5c/..?/..?/..?/winnt/system32/cmd.exe [Thu May 15 06:46:03 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/scripts/..?/winnt/system32/cmd.exe [Thu May 15 06:46:06 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/scripts/..嶸/winnt/system32/cmd.exe [Thu May 15 06:46:07 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/scripts/..?/winnt/system32/cmd.exe [Thu May 15 06:46:10 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/scripts/..%5c/winnt/system32/cmd.exe [Thu May 15 06:46:11 2003] [error] [client 61.233.16.25] File does not exist: G:/appserv/www/scripts/..%2f/winnt/system32/cmd.exe [Thu May 15 10:43:24 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/scripts/root.exe [Thu May 15 10:43:26 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/msadc/root.exe [Thu May 15 10:43:27 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/c/winnt/system32/cmd.exe [Thu May 15 10:43:28 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/d/winnt/system32/cmd.exe [Thu May 15 10:43:30 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/scripts/..%5c/winnt/system32/cmd.exe [Thu May 15 10:43:31 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/_vti_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe [Thu May 15 10:43:33 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/_mem_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe [Thu May 15 10:43:34 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/msadc/..%5c/..%5c/..%5c/..?/..?/..?/winnt/system32/cmd.exe [Thu May 15 10:43:35 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/scripts/..?/winnt/system32/cmd.exe [Thu May 15 10:43:38 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/scripts/..嶸/winnt/system32/cmd.exe [Thu May 15 10:43:40 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/scripts/..?/winnt/system32/cmd.exe [Thu May 15 10:43:44 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/scripts/..%5c/winnt/system32/cmd.exe [Thu May 15 10:43:45 2003] [error] [client 61.191.252.6] File does not exist: G:/appserv/www/scripts/..%2f/winnt/system32/cmd.exe |
| 回覆 |
| 解決郵件問題會員 | 我的更多 用apache的不用在意 那個是中毒的人在亂掃同類(IIS) |
| 回覆 |
| 喜歡雨天 | 引用:
 | |
| 回覆 |
| 一隻深陷於四方框 | |
| 回覆 |
| |
| XML | RSS 2.0 | RSS |
本論壇所有文章僅代表留言者個人意見,並不代表本站之立場,討論區以「即時留言」方式運作,故無法完全監察所有即時留言,若您發現文章可能有異議,請 email :[email protected] 處理。
