On Wed, Feb 15, 2006 at 12:57:22PM +0700, Just Nobody wrote: > Mohon pencerahan arti dari # tail -f /var/log/httpd/access_log > > 202.158.105.7 - - [15/Feb/2006:12:43:34 -0500] "SEARCH > /\x90\xc9\xc9\xc9\xc9\xc9\xc9\xc9\xc9\xc9\xc9\xc9\xc9\xc9\xc9........ > 202.158.105.7 - - [15/Feb/2006:12:44:00 -0500] "POST > /_vti_bin/_vti_aut/fp30reg.dll HTTP/1.1" 404 307 "-" "-" > 218.201.75.125 - - [15/Feb/2006:12:48:57 -0500] "GET / HTTP/1.1" 200 > 10781 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" > 202.158.189.252 - - [15/Feb/2006:12:49:17 -0500] "GET / HTTP/1.0" 200 > 10781 "-" "-" > > Apakah ini berarti ada yg lagi usil dengan server saya? > > Klo benar? gmn cara mengatasinya?
Itu biasanya virus Nimda/CodeRed. Kalo saya sih cuekin aja. Harmless selain menuh2in log, kecuali kalo anda pake IIS yg unpatched. Hehe. Ronny
signature.asc
Description: Digital signature