Scarpozzi
Lifer
I just wanted to remind all of you out there that there is a security update for IIS 4 and 5 that you need to get if you're running a webserver. Here is where you can get the update. Clicky Clicky
I've been hit by three separate ips in the last week and I've seen at least two other people that have been attacked recently. Routers do not stop this attack since it is a software bug in IIS. This is a copy of my log file from an attack that happened earlier today and what it looks like now that I have the update.
2001-05-11 14:12:17 202.104.197.28 GET /scripts/..\../winnt/system32/cmd.exe 404 66
2001-05-11 14:12:19 202.104.197.28 GET /scripts/..Á%pc../winnt/system32/cmd.exe 404 66
2001-05-11 14:12:19 202.104.197.28 GET /scripts/..À%9v../winnt/system32/cmd.exe 404 66
Luckily it threw back the 404s when they tried to run it. Anyone know of any other critical updates we need to be aware of?
I've been hit by three separate ips in the last week and I've seen at least two other people that have been attacked recently. Routers do not stop this attack since it is a software bug in IIS. This is a copy of my log file from an attack that happened earlier today and what it looks like now that I have the update.
2001-05-11 14:12:17 202.104.197.28 GET /scripts/..\../winnt/system32/cmd.exe 404 66
2001-05-11 14:12:19 202.104.197.28 GET /scripts/..Á%pc../winnt/system32/cmd.exe 404 66
2001-05-11 14:12:19 202.104.197.28 GET /scripts/..À%9v../winnt/system32/cmd.exe 404 66
Luckily it threw back the 404s when they tried to run it. Anyone know of any other critical updates we need to be aware of?
