Should I look into this further?
Posted: Thu Dec 30, 2004 11:34 pm
I'm not much of an "expert" when it comes to apache log files but I just noticed this while browsing through them:
I'm assuming they were trying to send commands to my server. Something I should send over to their ISP?
I'm not sure if this is someone trying to get in or not thats why I'm asking. I dont want to be submitting false reports. I have looked up the guys IP and I know his location and what not. Hes not behind a proxy or anything so he most likely aint going anywhere.
Code: Select all
їFri Dec 10 14:44:48 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/scripts/root.exe
їFri Dec 10 14:44:49 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/msadc/root.exe
їFri Dec 10 14:44:50 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/c/winnt/system32/cmd.exe
їFri Dec 10 14:44:51 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/d/winnt/system32/cmd.exe
їFri Dec 10 14:44:53 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/scripts/..%5c/winnt/system32/cmd.exe
їFri Dec 10 14:44:53 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/_vti_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe
їFri Dec 10 14:44:55 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/_mem_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe
їFri Dec 10 14:44:56 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/msadc/..%5c/..%5c/..%5c/..Á/..Á/..Á/winnt/system32/cmd.exe
їFri Dec 10 14:44:56 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/scripts/..Á/winnt/system32/cmd.exe
їFri Dec 10 14:44:59 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/scripts/..À¯/winnt/system32/cmd.exe
їFri Dec 10 14:45:00 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/scripts/..Áœ/winnt/system32/cmd.exe
їFri Dec 10 14:45:03 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/scripts/..%5c/winnt/system32/cmd.exe
їFri Dec 10 14:45:04 2004] їerror] їclient 24.99.59.199] File does not exist: c:/appserv/www/webdummy/www/scripts/..%2f/winnt/system32/cmd.exeI'm not sure if this is someone trying to get in or not thats why I'm asking. I dont want to be submitting false reports. I have looked up the guys IP and I know his location and what not. Hes not behind a proxy or anything so he most likely aint going anywhere.