httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rafael Faura" <>
Subject RE: [users@httpd] some questions...
Date Mon, 26 Jan 2004 00:09:29 GMT

[...] - - [25/Jan/2004:21:19:18 +0100] "GET 
/scripts/nsiislog.dll" 404 -


That's seems like an IIS (Microsoft Internet Information Services, the
Microsoft Webserver) scanner scanning for possible vulnerabilities/exploits
into your server. The '404' at the end of your line is one of the HTTP error
codes that means 'file not found' (the scanner can't find the requested

You'll probably see, with the time, more lines into your log files, lines
like: - - [08/Jan/2004:18:04:02 +0100] "get
nnt/system32/cmd.exe?/c%20dir" 501 - - [16/Jan/2004:00:05:03 +0100] "GET
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404

... and so on.

Near 100% of those scanners or 'exploits' attempts only works on IIS (thanks
to the **big security holes** that IIS 4, IIS 5 & IIS 6 had - or still have,
who knows). From my small and little experience Apache is free of them.

Rafael Faura Cucalón
Web Developer
Bassy Servicios Inform√°ticos

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message