hello! my error.log is daily filled with the iis-exploit crap like:
--
[Thu Feb 07 12:50:53 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/scripts/root.exe
[Thu Feb 07 12:50:54 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/msadc/root.exe
[Thu Feb 07 12:50:56 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/c/winnt/system32/cmd.exe
[Thu Feb 07 12:50:57 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/d/winnt/system32/cmd.exe
--
etc.. and i tried to investigate if i could set up some kind of rule with
apache that
permanently denies all requests from client IP if it ever requests a url
containing
either root.exe or cmd.exe (wich all these iis/codered/whatever-it-is-crap
seems to contain)
so quick quesion - is it possible?
and little longer question - may anyone please be willing to help me out
with setting this up, or point me in the right direction?
running apache 1.3.23 on windows xp
/Martin
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
--
[Thu Feb 07 12:50:53 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/scripts/root.exe
[Thu Feb 07 12:50:54 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/msadc/root.exe
[Thu Feb 07 12:50:56 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/c/winnt/system32/cmd.exe
[Thu Feb 07 12:50:57 2002] [error] [client 195.159.135.94] File does not
exist: c:/webroot/d/winnt/system32/cmd.exe
--
etc.. and i tried to investigate if i could set up some kind of rule with
apache that
permanently denies all requests from client IP if it ever requests a url
containing
either root.exe or cmd.exe (wich all these iis/codered/whatever-it-is-crap
seems to contain)
so quick quesion - is it possible?
and little longer question - may anyone please be willing to help me out
with setting this up, or point me in the right direction?
running apache 1.3.23 on windows xp
/Martin
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org