Asshats with Virus Infected Windows Boxes

To the asshats at h0004bd508ca5.ne.client2.attbi.com and dhcp160164059.columbus.rr.com, please get rid of the virii or trojans on your computers that keep on trying to exploit the non-existant IIS system on my IP.


[many similar lines]


h0004bd508ca5.ne.client2.attbi.com – – [15/Aug/2003:11:49:37 -0700] “GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0” 404 301 “-” “-“

dhcp160164059.columbus.rr.com – – [15/Aug/2003:11:49:53 -0700] “GET /default.ida?XX[lots of X’s]XX%u9090%u6858%[more crap]%u0000%u00=a HTTP/1.0” 404 274 “-” “-”


Thankyou.


Update Some statistics from my apache log files.


Logs start: May 02, 2003

Total Lines: 381258

Total number of occurances of a system trying to exploit with “cmd.exe”: 5358 (1.4%)

Unique Hosts: 151

Unique Hosts on the Shaw Network (24.*): 26

One Comment on “Asshats with Virus Infected Windows Boxes”

  1. I am trying to picture what an AssHat would look like:
    Does it have a brim?
    One size fits all?
    Can you stick a feather in it?
    Is there a little propeller on top?
    Does it come in any colour other than brown?
    Is it the type one would stick one’s favorite collector pins in?
    I better stop before I am wearing one!