Asshats with Virus Infected Windows Boxes

To the asshats at h0004bd508ca5.ne.client2.attbi.com and dhcp160164059.columbus.rr.com, please get rid of the virii or trojans on your computers that keep on trying to exploit the non-existant IIS system on my IP.


[many similar lines]


h0004bd508ca5.ne.client2.attbi.com – – [15/Aug/2003:11:49:37 -0700] “GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0” 404 301 “-” “-“

dhcp160164059.columbus.rr.com – – [15/Aug/2003:11:49:53 -0700] “GET /default.ida?XX[lots of X’s]XX%u9090%u6858%[more crap]%u0000%u00=a HTTP/1.0” 404 274 “-” “-”


Thankyou.


Update Some statistics from my apache log files.


Logs start: May 02, 2003

Total Lines: 381258

Total number of occurances of a system trying to exploit with “cmd.exe”: 5358 (1.4%)

Unique Hosts: 151

Unique Hosts on the Shaw Network (24.*): 26