[ILUG] Bloody script kiddies
stephane at antefacto.com
Fri Nov 16 14:25:59 GMT 2001
Looking at the daily m$ advisories, i can tell for sure that cmd.exe can
be used on ANY IIS server configured without care, and that's at least
30% of the machines available out there ...
On Fri, 2001-11-16 at 14:22, Niall O Broin wrote:
> Just had a look in the log file to which accesses to one of my web server
> box's IP address goes i.e. requests not to one of the hosted domains. Since
> Sept. there have been 23000+ attempts to get cmd.exe to do something and
> 4000+ attempts to find root.exe, and this is just on one lonely little box.
> I wonder do script kiddies' attempts now use up more bandwidth than porn ?
> And do some poor suckers actually have IIS boxes configured in such a way
> that you can execute arbitray commands just by calling cmd.exe ?
> Irish Linux Users' Group: ilug at linux.ie
> http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information.
> List maintainer: listmaster at linux.ie
"Linux philosophy: Do it Yourself" L. Torvalds
Stephane Dudzinski Systems Administrator
a n t e f a c t o t: +353 1 8586009
www.antefacto.com f: +353 1 8586014
More information about the ILUG