it was a pretty lame attack, but an attack none the less, and I cant help but want to look into it. I just happened to be looking over the logs before i went to bed and saw this, makes me wonder how often it actually happens, last summer I caught a guy trying an old Front Pager Server Extension loop hole, but luckily, my web host, Innerhost.com, does a very good job of keeping thier servers secure.(this one is NT 4)
This is what showed up in my server log:
http://***.**.**.***/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
I *Starred* out my server IP. The guy was trying to list the contents of the C: drive, muhahaha, what a joke.
heres his info, anyone know what ISP this is from?
Remote IP: 62.224.56.35
Reverse DNS: p3EE03823.dip.t-dialin.net
Browser Tag: Telnet
the domain is still under development, you would get an under construction page if you went to it, so there arent many places this guy could have gotten my domain name, this Forum is one of them.
This is what showed up in my server log:
http://***.**.**.***/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
I *Starred* out my server IP. The guy was trying to list the contents of the C: drive, muhahaha, what a joke.
heres his info, anyone know what ISP this is from?
Remote IP: 62.224.56.35
Reverse DNS: p3EE03823.dip.t-dialin.net
Browser Tag: Telnet
the domain is still under development, you would get an under construction page if you went to it, so there arent many places this guy could have gotten my domain name, this Forum is one of them.
