One thing this has tought me is that i should keep better track of my
logs, it is not fun having to go through 500k of logfile...

 -munir

On Tue, 30 Oct 2001, Austad, Jay wrote:

> attack back?  :)  These are probably compromised boxes (nimda or code red).
> You could find the admins of the boxes and tell them, or just ignore it.
>
> It's probably not going to accomplish anything by reporting it though.  Just
> take pride in the fact that they haven't gained access to your box.  :)
>
> Jay
>
> -----Original Message-----
> From: Munir Nassar [mailto:nassarmu at redconcepts.net]
> Sent: Tuesday, October 30, 2001 8:37 PM
> To: Twin Cities Linux User Group
> Subject: [TCLUG] Apache error logs
>
>
> For a couple of days now i have been getting wierd errors in my Apache
> logs, mostly people doing a GET /dir/cmd.exe, or root.exe
>
> don't these people check the server strings? I may be inexperienced but i
> am not brain dead enough to run IIS. or just even plain windows.
>
> but most importantly: should i report the IPs to someone? (i have about 10
> different IPs so far) is there anything in particular i should do about
> this?
>
>  -munir
>
> _______________________________________________
> Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota
> http://www.mn-linux.org
> tclug-list at mn-linux.org
> https://mailman.mn-linux.org/mailman/listinfo/tclug-list
> _______________________________________________
> Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota
> http://www.mn-linux.org
> tclug-list at mn-linux.org
> https://mailman.mn-linux.org/mailman/listinfo/tclug-list
>