begin craigw quotation: > > Anyway, every single day I get dozens of requests for things like > /MSADC/root.exe, winnt/system32/cmd.exe, etc, etc; all windows stuff & > therefore all failed requests. The typical thing is each IP will look > for about 15 things and then give up. Here's a typical example: > modemcable244.105-203-24.mtl.mc.videotron.ca - - [20/Apr/2002:13:31:48 > -0700] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 210 > > It doesn't really bother me, but I am curious what sort of reactions can > or should be made, or what if anything should be done about them.
Those are Windows viruses, such as Nimda and CodeRed, attempting to attack your machine. Retaliation against the offending sites is tempting, but both futile and illegal. Letting the person know he's infected is probably futile, but sometimes helpful. Here's an approach I like: http://www.dasbistro.com/default_ida_info.html -- Join the Sergio Brandano Fan Club: http://lists.debian.org/debian-user/1999/debian-user-199910/msg00981.html
pgpf1a12gFfRv.pgp
Description: PGP signature
