Re: attacked? hacked? help.....!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 8 Dec 2003, Lisa Durham wrote:
> Reply-To: fedora-list@xxxxxxxxxx
> 
> I am very new to Linux but was poking around in my newly setup Fedora 
> Core 1 system today and came upon the lines below in the Apache Access 
> Log when I used the "System Logs" icon in the System Tools Menu.
....
> 24.60.93.48 - - [07/Dec/2003:14:39:47 -0600] "GET /MSADC/root.exe?/c+dir 
> HTTP/1.0" 404 325 "-" "-"

Do a google search on each of these.

You will find that 99% are attacks against Microsoft Web
applications that include self propogating viruses with known
fixes from MS.

Some do consume your bandwidth and by creating a zero length file
you can save the bandwidth. Others are simply to be endured.  
Some may have cautions that apply to how you set up your server.

For exapple the line "/MSADC/root.exe?/c+dir" might be a MS worm
in the same class as the Nimda worm.

Anyhow Apache is a good server and as long as you do not get too
clever and watch the logs as you are things will be fine.

-- 
	T o m  M i t c h e l l
	mitch48 -a*t- yahoo-dot-com




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux