Topic: is this a virus hack or a person hack

[Darren]

i found this in my httpd access log is this someone tring to hack my computer or a virus.
i know i don't have any problems cause there is no cmd.exe in linux but i would like to know whats attacking my system

203.76.8.10 - - [03/Jan/2002:10:08:32 +1000] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 210 "-" "-"
203.76.8.10 - - [03/Jan/2002:10:08:32 +1000] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 208 "-" "-"
203.76.8.10 - - [03/Jan/2002:10:08:33 +1000] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 218 "-" "-"

[Des Dougan]

This is the Nimda worm. There are still plenty of unpatched IIS servers out there....


Des Dougan

[Luke Drumm]

One should that you're safe, a search on this board will reveal all sorts of interesting bits on this (and related) beasties and should you want to start collecting stats you'll want somthing like whats on show at http://familybrown.org/apache-hits.php

Enjoy.

[Alexie]

I have the same problem here, with worm's..http://www.zbox.dk/worm.php