odd things in website log file

somewhat off topic, but there we go

at another website (a message board) i have been learning about website log files, by reading the access.log file produced.

in this i am finding very odd entries for the file they are trying to access, like:

/scripts/root.exe?/c+dir
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir

i presume someone is trying to hack the server. anyone know where i can get more info on what is going on here, and what other things to look out for?

Locked Post

Advanced Search

Watch this post

Do not email me updates for this post Email me updates for this post

Successfully updated karma reason!

Chances are that would be a worm like Nimda trying to gain access to your server.

Example: http://www.sanctuminc.com/news/advisory/2001/20010901_nimda.html

Googling either of those statements will produce good results for you.

Successfully updated karma reason!

feline...it's not a hack.

http://webstats.anlx.net/content/logfileprocess.asp

Successfully updated karma reason!

kthxbye - Chances are that would be a worm like Nimda trying to gain access to your server.

cool, thanks

normally google is my first stop, but getting info on the format of access.log was such a fuss (via google) that i didnt bother.

the lines on that page are a close match (from memory) for the lines i am seeing in the log file.

yrag - feline...it's not a hack.

yrag, is that the right link? i had a look, but there was no imidiate sign of technical info on the lines in the log files.

Successfully updated karma reason!

Sign Up or Login and this ad disappears!
There are many great features available to you once you register. Sign Up for a free account and browse the forums without ads.