On Friday 26 October 2001 07:44, you wrote:
> I'm seeing a lot of these in my webservers access log file. What are
> they?
> 216.151.92.2 - - [26/Oct/2001:07:08:23 -0400] "GET
> /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-"
> "-"
Folks, I am considering opening a low-traffic web server from my home box.
Setting AUP considerations aside, is there some means to 1) automatically
block traffic from a machine broadcasting a worm and 2) notify the
offending sysop of the reason for so doing while 3) leaving the box open
to well-behaved machines?
Ideally, it would access a text file where I could add worm / virus
signatures as they are found & reported.
Bill
--
icq #126373831 http://www.anhonestdesire.com
Linux a.genesis.com 2.4.12 #2 Wed Oct 17 04:17:02 EDT 2001 i686 unknown
total used free shared buffers cached
Mem: 1545512 622672 922840 0 289264 403164
Swap: 401584 0 401584
1:03pm up 9:55, 2 users, load average: 0.03, 0.01, 0.00
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 15:50:22 EDT