durga, You're being hit by NT/2000 worms looking for IIS vulnerabilities. Sadly, one more negative effect of the cretins who wrote these things...
Charlie [EMAIL PROTECTED] wrote: > Hi gurus > one of my apache servers is being bombarded by some IPs (in different > ranges) trying for a root.exe or cmd.exe. etc. > luckily im on redhat 71. linux. > but the tries frequency is every second from some ip or another. > im running portsentry but portesntry does not log port 80 > how do i block them from permanently accessing my server. > BTW ive put that IPs in my /etc/hosts.deny still no joy. > > thanks > durga prasad