[20/Feb/2003:18:55:31 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274
[20/Feb/2003:18:55:32 +0900] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
[20/Feb/2003:18:55:32 +0900] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 284
[20/Feb/2003:18:55:32 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298
[20/Feb/2003:18:55:32 +0900] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315
[20/Feb/2003:18:55:33 +0900] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 315
[20/Feb/2003:18:55:33 +0900] "GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 331
[20/Feb/2003:18:55:33 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297
[18/Feb/2003:08:23:29 +0900] "GET /default.ida?NNNNNNNNNNNNNNN...N (the run of N characters continues at length)
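A triage pass over log lines of this shape, as an added example that is not part of the original page: it tags the encoding tricks visible in the excerpt above (`%255c` double encoding, the `%c1%1c` byte pair, `cmd.exe`/`root.exe` targets, the padded `default.ida` query) and separates probes the server rejected from any it answered differently. The sample lines, the tag names and the status-code split are assumptions made for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample in the shape of the excerpt above. The last two lines
# (a benign hit, and a probe answered with 200) are invented for the example.
SAMPLE = [
    '[20/Feb/2003:18:55:31 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274',
    '[20/Feb/2003:18:55:32 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 298',
    '[20/Feb/2003:18:55:33 +0900] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 297',
    '[18/Feb/2003:08:23:29 +0900] "GET /default.ida?NNNNNNNNNNNNNNNNNNNN HTTP/1.0" 404 276',
    '[20/Feb/2003:19:02:10 +0900] "GET /index.html HTTP/1.0" 200 1043',
    '[20/Feb/2003:19:05:44 +0900] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 200 512',
]
LINE = re.compile(r'\[(?P<ts>[^\]]+)\] "\S+ (?P<uri>\S+)[^"]*" (?P<status>\d{3})\b')
RULES = {  # tag names are this example's own
    "double-encoding": re.compile(r"%25[0-9a-f]{2}", re.I),   # %255c -> %5c -> "\"
    "invalid-utf8": re.compile(r"%c[01]%[0-9a-f]{2}", re.I),  # 0xC0/0xC1 are never valid UTF-8
    "shell-binary": re.compile(r"/(cmd|root)\.exe\b", re.I),
    "ida-padding": re.compile(r"\.ida\?(.)\1{15,}", re.I),    # long run of one character
}

def fully_decode(uri, rounds=3):
    """Percent-decode repeatedly so nested encodings such as %255c are exposed."""
    for _ in range(rounds):
        decoded = unquote(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri

def classify(line):
    """Return (timestamp, status, sorted tags) for one log line, or None if unparsable."""
    m = LINE.search(line)
    if not m:
        return None
    uri = m["uri"]
    tags = {name for name, rx in RULES.items() if rx.search(uri)}
    if re.search(r"\.\.[\\/]", fully_decode(uri)):
        tags.add("traversal")
    return m["ts"], int(m["status"]), sorted(tags)

def triage(lines):
    """Split tagged requests into those the server rejected and those to escalate."""
    rejected, escalate = [], []
    for rec in filter(None, map(classify, lines)):
        if rec[2]:
            (rejected if rec[1] in (400, 403, 404) else escalate).append(rec)
    return rejected, escalate
```

On an Apache host every request in the excerpt ends in 404, so the `escalate` list is the part worth reading first: it holds tagged requests that received any other status.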
# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
# By default, Apache + version + OS information is shown.
#ServerTokens Full
# Show the product only.
ServerTokens Prod

# Set to one of:  On | Off | EMail
#
#ServerSignature On
# Show the product only.
ServerSignature Off
# Change this line:
#CustomLog logs/access_log common
# to the two lines below. With this, access from the 192.168.0.X zone
# is no longer written to the log.
SetEnvIf Remote_Addr 192.168.0. local_zone
CustomLog logs/access_log common env=!local_zone
06:09:20.558635 61-230-72-170.HINET-IP.hinet.net.3537 > ryouto.smtp: P [tcp sum ok] 1:19(18) ack 27 win 16942 (DF) (ttl 116, id 1244, len 58)
0x0000 4500 003a 04dc 4000 7406 b944 3de6 48aa E..:..@.t..D=.H.
0x0010 c0a8 0165 0dd1 0019 1044 08d1 eea6 890f ...e.....D......
0x0020 5018 422e e01f 0000 4845 4c4f 2068 6f74 P.B.....HELO.hot
0x0030 6d61 696c 2e63 6f6d 0d0a mail.com..

06:09:20.743687 61-230-72-170.HINET-IP.hinet.net.3537 > ryouto.smtp: P [tcp sum ok] 19:45(26) ack 47 win 16922 (DF) (ttl 116, id 1330, len 66)
0x0000 4500 0042 0532 4000 7406 b8e6 3de6 48aa E..B.2@.t...=.H.
0x0010 c0a8 0165 0dd1 0019 1044 08e3 eea6 8923 ...e.....D.....#
0x0020 5018 421a b306 0000 4d41 494c 2046 524f P.B.....MAIL.FRO
0x0030 4d3a 3c72 7562 656e 4061 6f6c 2e62 7a3e M:<ruben@aol.bz>

06:09:20.910221 61-230-72-170.HINET-IP.hinet.net.3537 > ryouto.smtp: P [tcp sum ok] 45:69(24) ack 55 win 16914 (DF) (ttl 116, id 1390, len 64)
0x0000 4500 0040 056e 4000 7406 b8ac 3de6 48aa E..@.n@.t...=.H.
0x0010 c0a8 0165 0dd1 0019 1044 08fd eea6 892b ...e.....D.....+
0x0020 5018 4212 f725 0000 5243 5054 2054 4f3a P.B..%..RCPT.TO:
0x0030 3c72 7562 656e 4061 6f6c 2e62 7a3e 0d0a <ruben@aol.bz>..

06:09:20.910454 ryouto.smtp > 61-230-72-170.HINET-IP.hinet.net.3537: P [tcp sum ok] 55:126(71) ack 69 win 5840 (DF) (ttl 64, id 60925, len 111)
0x0000 4500 006f edfd 4000 4006 03ee c0a8 0165 E..o..@.@......e
0x0010 3de6 48aa 0019 0dd1 eea6 892b 1044 0915 =.H........+.D..
0x0020 5018 16d0 7c06 0000 3535 3320 736f 7272 P...|...553.sorr
0x0030 792c 2074 6861 7420 646f 6d61 696e 2069 y,.that.domain.i
0x0040 736e 2774 2069 6e20 6d79 206c 6973 7420 sn't.in.my.list.
0x0050 6f66 2061 6c6c 6f77 6564 2072 6370 7468 of.allowed.rcpth
0x0060 6f73 7473 2028 2335 2e37 2e31 290d 0a osts.(#5.7.1)..
tcpdump \( not src host 192.168.0 or not dst host 192.168.0 \) and port 25 -vvv -X -s 1500 > /var/qmail/tmp/smtp_out.log &
For inquiries, contact webmaster@ryouto.jp.
Copyright (C)2003 ryouto.jp. All Rights Reserved.