General discussion

  • Creator
    Topic
  • #2130645

    web server log files

    Locked

    by mike richling ·

    I’m looking at the log files and I can see that I’ve been looked over by “odd” requests such as cmd.exe and all sorts of other neat things. And I’ve tracked down where some of these calls come from pacific, asia etc. But what I want to know is can I determine if the order of the script that is attempting to run on my server the same footprint as one of the worms running around.

    I want to better understand what the script is that is hitting me, not just who.

All Comments

  • Author
    Replies
    • #3567714

      web server log files

      by curlergirl ·

      In reply to web server log files

      If you go to the Microsoft Security web site (www.microsoft.com/technet and click the link to Security), you will find all the security bulletins that Microsoft has issued for IIS and NT over the past couple of years. These bulletins contain detailed information on the vulnerabilities of the system and what kinds of things you will see in your logs or file system if you have been attacked by the worm or virus that exploits that vulnerability. Hope this helps!

Viewing 0 reply threads