bitinitialize
Joined: Dec 17, 2003 Posts: 9 Location: Iksan, Jeonbuk
Posted: 2004.1.12 Mon, 2:04 pm Subject: Log analysis request, please.
Below is part of my Apache access_log.
The client IP is masked with xxx ^^
=============================================================
211.230.xxx.248 - - [12/Jan/2004:05:06:51 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284 "-" "-"
211.230.xxx.248 - - [12/Jan/2004:05:06:51 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298
211.230.xxx.248 - - [12/Jan/2004:05:06:51 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298 "-" "-"
211.230.xxx.248 - - [12/Jan/2004:05:06:51 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315
211.230.xxx.248 - - [12/Jan/2004:05:06:51 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315 "-" "-"
211.230.xxx.248 - - [12/Jan/2004:05:06:52 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315
211.230.xxx.248 - - [12/Jan/2004:05:06:52 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315 "-" "-"
211.230.xxx.248 - - [12/Jan/2004:05:06:52 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331
211.230.xxx.248 - - [12/Jan/2004:05:06:52 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331 "-" "-"
211.230.xxx.248 - - [12/Jan/2004:05:06:52 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297
211.230.xxx.248 - - [12/Jan/2004:05:06:52 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"
=============================================================
That is what it shows.
Am I right that the attacker mistook my system for Windows and attempted a Windows-based hack?
What kind of hacking attempt is this?
Oh, and I heard there is a way in Apache to log to the access log (access_log) file while excluding my own IP; which part of httpd.conf is that?
No matter how much I search through my thick Linux Bible book, I can't find it.
Well then, happy Linux, everyone~
truefeel Cafe administrator
Joined: Jul 24, 2003 Posts: 1277 Location: Republic of Korea
Posted: 2004.1.12 Mon, 4:21 pm Subject: Re: Log analysis (It is the Nimda worm.)
It is the Nimda worm.
Rather than a deliberate hacking attempt, you can take it that the remote IP is itself infected and that is why it is doing this.
It causes no problem whatsoever on Apache, so you don't need to worry, and through httpd.conf settings you can either not log the Nimda worm requests or log them to a separate file.
Please read the following post.
* http://coffeenix.net/board_view.php?cata_code=0&bd_code=16
In the Apache log settings, the part titled '3) Store the images log and the warm log separately'
Code:
# Codered
SetEnvIf Request_URI "^/default\.ida"   except=warm
# Nimda
SetEnvIf Request_URI "/root\.exe?"      except=warm
SetEnvIf Request_URI "/cmd\.exe?"       except=warm
SetEnvIf Request_URI "^/NULL\.printer"  except=warm
SetEnvIf Request_URI "^/NULL\.IDA?"     except=warm
SetEnvIf Request_URI "^/NULL\.ida?"     except=warm
SetEnvIf Request_URI "^/NULL\.idq?"     except=warm
# Set "warm" when the "except" variable holds the value "warm"
SetEnvIf except warm warm
CustomLog logs/access_log common env=!except
CustomLog logs/warm_log   common env=warm
|
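The sorting that the SetEnvIf rules in the reply above perform, as an added Python example that is not part of the original thread: it applies the same URI patterns to access_log lines and, going one step beyond the rules, reports when a path only reaches its final form after more than one round of percent-decoding, as with the %255c requests in the posted log. The sample lines, their IP addresses and the function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# host ident user [time] "METHOD target PROTO" status ... (common or combined)
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3}) ')

# The URI patterns from the SetEnvIf rules in the reply above.
WORM_RULES = [re.compile(p) for p in (
    r"^/default\.ida", r"/root\.exe?", r"/cmd\.exe?", r"^/NULL\.printer",
    r"^/NULL\.IDA?", r"^/NULL\.ida?", r"^/NULL\.idq?")]

def decode_fully(path, max_rounds=5):
    """Percent-decode until stable; return (decoded path, rounds needed)."""
    rounds = 0
    while rounds < max_rounds:
        nxt = unquote(path, encoding="latin-1")  # one character per byte
        if nxt == path:
            break
        path, rounds = nxt, rounds + 1
    return path, rounds

def classify(line):
    """Return a dict describing one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    host, target, status = m.groups()
    path = target.split("?", 1)[0]  # Request_URI excludes the query string
    rule = next((r.pattern for r in WORM_RULES if r.search(path)), None)
    decoded, rounds = decode_fully(path)
    return {"host": host, "status": int(status), "rule": rule,
            "decoded": decoded, "double_encoded": rounds > 1}

def split_log(lines):
    """Mimic the two CustomLog targets: returns (access_log, warm_log)."""
    access, warm = [], []
    for line in lines:
        info = classify(line)
        (warm if info and info["rule"] else access).append(line)
    return access, warm

# Constructed sample lines in the shape of the log posted above.
SAMPLE = [
    '203.0.113.7 - - [12/Jan/2004:05:06:51 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298',
    '203.0.113.7 - - [12/Jan/2004:05:06:52 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297 "-" "-"',
    '198.51.100.4 - - [12/Jan/2004:05:07:10 +0900] "GET /index.html HTTP/1.1" 200 1043',
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(classify(line))
```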
bitinitialize
Joined: Dec 17, 2003 Posts: 9 Location: Iksan, Jeonbuk
Posted: 2004.1.13 Tue, 10:02 pm Subject: Thank you for the answer.
Thank you for the answer. It was a great help.