Most ADSL diallers don't have a "keep alive" option - which is
unfortunate. You might want to look into getting a router/firewall with
this option. This will benefit you in 2 ways:
1 - Extra security from hackers/attackers.
2 - You will not have to worry about reconnecting yourself to the
internet.
Another option would be to get a scripting program which has the ability
to ping a site at regular intervals and if the request does not return it
runs a sequence of commands which reconnects the software.
Matt.
-----Original Message-----
From: "Sambar van Dukain" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Date: Sat, 11 May 2002 17:48:36 +0200
Subject: [sambar] Access log entries {03}
> I have the same thing.
> Only my problem is that it kills my connection
> Any ideas!!!
> Got ADSL connection.
>
> TIA Carlo
>
> [2002-05-11 13:28:29] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..%5c../winnt/system32/cmd.exe
> [2002-05-11 13:28:31] TRACE: 62.2.214.114 - SMTPD connect received.
> [2002-05-11 13:28:32] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
> [2002-05-11 13:28:33] TRACE: 209.51.142.138 - SOCKS Proxy received.
> [2002-05-11 13:28:34] TRACE: Thread-Pool Worker spawned...
> [2002-05-11 13:28:34] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe
> [2002-05-11 13:28:38] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed):
> /msadc/..%5c../..%5c../..%5c/..��../..��../..��../winnt/system32/cmd.ex
> e
> [2002-05-11 13:28:38] TRACE: Thread-Pool Worker terminating...
> [2002-05-11 13:28:40] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..��../winnt/system32/cmd.exe
> [2002-05-11 13:28:44] TRACE: 209.51.142.138 - SOCKS Proxy received.
> [2002-05-11 13:28:48] TRACE: Thread-Pool Worker spawned...
> [2002-05-11 13:28:48] TRACE: 24.26.81.208 - SOCKS Proxy received.
> [2002-05-11 13:28:51] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..�/../winnt/system32/cmd.exe
> [2002-05-11 13:28:53] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..��../winnt/system32/cmd.exe
> [2002-05-11 13:28:55] TRACE: 209.51.142.138 - SOCKS Proxy received.
> [2002-05-11 13:28:56] TRACE: Thread-Pool Worker spawned...
> [2002-05-11 13:28:56] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..��../winnt/system32/cmd.exe
> [2002-05-11 13:28:58] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..S5c../winnt/system32/cmd.exe
> [2002-05-11 13:28:59] TRACE: Thread-Pool Worker terminating...
> [2002-05-11 13:29:00] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..S5c../winnt/system32/cmd.exe
> [2002-05-11 13:29:03] WARN: HTTP [195.202.66.125]: Invalid URL name
> (..
> not allowed): /scripts/..%5c../winnt/system32/cmd.exe
>
>
> -----Oorspronkelijk bericht-----
> Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens
> Alex Broens
> Verzonden: zaterdag 11 mei 2002 11:23
> Aan: [EMAIL PROTECTED]
> Onderwerp: [sambar] Access log entries {02}
>
> At 10:59 11.05.2002 Dave Culbertson wrote:
> >I am being accessed by quite a few computers with the same or simular
> entries and would like to know the name of what this is. Thanks.
>
> Dave,
> Its Nimda or CodeRed red attacks... nothing to worry about unless you
> run an unpatched IIS :-)
>
> More details under: http://www.sambar.ch/arch/msg16009.html
>
> Alex
>
> -------------------------------------------------------
> To unsubscribe please go to http://www.sambar.ch/list/
>
> -------------------------------------------------------
> To unsubscribe please go to http://www.sambar.ch/list/
>
-------------------------------------------------------
To unsubscribe please go to http://www.sambar.ch/list/
