Re: Anyone Else Getting Hits Like This ?

Subject: Re: Anyone Else Getting Hits Like This ?
From: Fielder George Dowding (fgdowding@iceworm-enterprises.net)
Date: Wed Feb 27 2002 - 21:47:51 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Fielder George Dowding: "Re: more custom case goodness"
• Previous message: Kirk McFadden: "APU Fridays?"
• In reply to: Jason C. Neumann: "Re: Anyone Else Getting Hits Like This ?"
• Next in thread: Robert Swift: "Re: Anyone Else Getting Hits Like This ?"
• Reply: Fielder George Dowding: "Re: Anyone Else Getting Hits Like This ?"
• Reply: Fielder George Dowding: "Re: Anyone Else Getting Hits Like This ?"

Can anyone tell me what this is from or doing? It happens whether or
not I have dsl up. The "\" indicate a line break that was not in the
syslog file.

fgd

Feb 27 21:43:26 seth kernel: IN=eth1 \
OUT= MAC=ff:ff:ff:ff:ff:ff:00:60:38:60:41:b8:08:00 \
SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 \
PREC=0x00 TTL=128 ID=40188 PROTO=UDP SPT=68 DPT=67 LEN=308

On Wed, 27 Feb 2002 15:50:30 +0800
"Jason C. Neumann" <lister@geekvenue.net> wrote:

>
> My site's logging quite a few. I believe it's our good 'ol friend
> nimda or similar.
>
> -Jason
>
> > 209.34.27.7 - - [27/Feb/2002:08:31:47 -0900] "GET
> > /scripts/root.exe?/c+dir HTTP/1.0" 404 278
> > 209.34.27.7 - - [27/Feb/2002:08:31:48 -0900] "GET
> > /MSADC/root.exe?/c+dir HTTP/1.0" 404 276
> > 209.34.27.7 - - [27/Feb/2002:08:31:50 -0900] "GET
> /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286
> > 209.34.27.7 - - [27/Feb/2002:08:31:51 -0900] "GET
> /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0"
>
>
>

• Next message: Fielder George Dowding: "Re: more custom case goodness"
• Previous message: Kirk McFadden: "APU Fridays?"
• In reply to: Jason C. Neumann: "Re: Anyone Else Getting Hits Like This ?"
• Next in thread: Robert Swift: "Re: Anyone Else Getting Hits Like This ?"
• Reply: Fielder George Dowding: "Re: Anyone Else Getting Hits Like This ?"
• Reply: Fielder George Dowding: "Re: Anyone Else Getting Hits Like This ?"

This archive was generated by hypermail 2a23 : Thu Feb 28 2002 - 14:34:00 AKST