Re: [users@httpd] Is this a hacking attempt ?

[Patrick Donker <list@xxxxxxxxxxxx>]

Maxim Vexler wrote:

> Is this an hacking attempt ?
> Could someone please suggest a way to decrypted the "\xd7\x92\xd7\x99\" things.
>
> ## Apache Error log : Start
> ## IP & domain were blurred for privacy reasons.
> ####################################################
>
> [Tue Jun 07 17:49:23 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> [Tue Jun 07 17:49:24 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> [Tue Jun 07 17:49:24 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> [Tue Jun 07 17:49:24 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> [Tue Jun 07 17:49:24 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> [Tue Jun 07 17:49:24 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> [Tue Jun 07 17:49:24 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> [Tue Jun 07 17:49:24 2005] [error] [client 62.0.x.x] File does not
> exist: D:/Inetpub/wwwroot/OURSITENAME/htdocs/PublicGallery/Pics-Public/\xd7\x92\xd7\x99\xd7\x99\xd7\x96
> \xd7\x91\xd7\x9e\xd7\xa7\xd7\x9c\xd7\x97\xd7\xaa, referer:
> http://OURDOMAIN/phpBB2/viewtopic.php?t=6836
>
> ####################################################
> ## Apache Error log : End
>
>
> Thank you for helping.
>
>  
Did you do an ip lookup for the source ip? If it belongs to one of the 
searchengine clubs, then it is unlikely. And if it is an attempt, it 
usually is one of those scriptkiddie/zombie IIS hacks...

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx