This machine that is scanning you is compromised by fluxay, a password grabber. I would notify the owner and ISP of the machine in question, as it is probably being used by someone to attack you. the machine is in Japan, and is owned by the Skycom Corporation. Anyone have any contact info on these guys?
Blevins -----Original Message----- From: Krishna [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 13, 2002 5:37 AM To: [EMAIL PROTECTED] Subject: Huge size of error_log of httpd !!!Please help Urgent Wednesday, March 13, 2002 6:57:32 PM Hi, The error_log of httpd is going huge in size.The logs show that someone is trying to execute files on the server and it continues to modify its search.This is the log [Sun Mar 10 06:05:39 2002] [error] [client 210.254.142.39] File does not exist: /home/httpd/html/cgi/ [Sun Mar 10 06:10:51 2002] [error] [client 210.254.142.39] File does not exist: /home/httpd/html/admin-serv/config/admpw [Sun Mar 10 06:12:39 2002] [error] [client 210.254.142.39] File does not exist: /home/httpd/html/publisher [Sun Mar 10 06:31:27 2002] [error] [client 210.254.142.39] File does not exist: /home/httpd/html/whois_raw.cgi Is there any way to stop this happening.I put the hosts ipaddress in the hosts.deny.But maybe he does ipspoofing and tries again with a different IP address. Please help as the logs are growing bigger and reducing our bandwidth. I am using RedHat6.0 -- regards, Krishna mailto:[EMAIL PROTECTED] Krishna Shekhar Network Administrator Wiplash.com __ | / /___ _/__ __ \__ /___ |_ ___/__ / / / __ | /| / / __ / __ /_/ /_ / __ /| |____ \__ /_/ / __ |/ |/ / __/ / _ ____/_ /___ ___ |___/ /_ __ / ____/|__/ /___/ /_/ /_____/_/ |_/____/ /_/ /_/ http://wiplash2000.com
