Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

RE: Strange scans
From: "Bill Royds" <lists () royds net>
Date: Sun, 26 May 2002 22:25:06 -0400
Rogers assigns its host names according to the Ethernet address of the computer or router doing the DHCP preceded by 
letters CPE.
so CPE00045adecafc means that the MAC address of the sender was 00:04:5a:de:ca:fc which is in the IBM assigned MAC 
address space. 

-----Original Message-----
From: Allen Smith [mailto:easmith () beatrice rutgers edu]
Sent: Sat May 25 2002 23:04
To: Ed Moyle; Brenna Primrose; incidents () securityfocus com
Subject: Re: Strange scans


On Apr 15,  3:39pm, Ed Moyle wrote:

It's fairly obvious they were looking for IIS and other vulnerabilities,
but why does "GET HTTP://www.microsoft.com/ HTTP/1.0" appear in it?


Looks like it is testing to see if you are a proxy server...


Yes. One (from a former @Home host - why am I not surprised...) just checked
out our Apache server and the associated host (anon ftp attempts, for
instance). I checked the originating server myself to see if _it_ was acting
as a HTTP/SOCKS4-5 proxy, actually (via dsbl.org's testing programs - see
http://www.dsbl.org); will see what results I get. The "Broken Pipe" errors
in the below are due to that it's getting fed a large binary file - I do
that to crackers/worms/etcetera I'm able to recognize. I've sent an email to 
abuse () rogers com/domadmin () RCI ROGERS COM/domtech () RCI ROGERS COM; no non-auto 
response as yet.

May 25 21:39:31 2E:cesario ftpd[241467]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:31 4D:cesario fftpd[241467]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:31 2002
May 25 21:39:34 2E:cesario ftpd[237390]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:34 4D:cesario fftpd[237390]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:34 2002
May 25 21:39:35 4D:cesario fftpd[241467]: 241467: 05/25/102 21:39:31 CPE00045adecafc.cpe.net.cable.rogers.com 
connected, duration 4 seconds
May 25 21:39:36 2E:cesario ftpd[241281]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:36 2E:cesario ftpd[241389]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:36 4D:cesario fftpd[241389]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:36 2002
May 25 21:39:36 4D:cesario fftpd[241281]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:36 2002
May 25 21:39:36 4D:cesario fftpd[241281]: FTP LOGIN REFUSED FROM CPE00045adecafc.cpe.net.cable.rogers.com, unknown
May 25 21:39:36 4D:cesario fftpd[241389]: 241389: 05/25/102 21:39:36 CPE00045adecafc.cpe.net.cable.rogers.com 
connected, duration 0 seconds
May 25 21:39:36 4D:cesario fftpd[241281]: 241281: 05/25/102 21:39:36 unknown () CPE00045adecafc cpe net cable rogers 
com connected, duration 0 seconds
May 25 21:39:38 4D:cesario fftpd[237390]: 237390: 05/25/102 21:39:34 CPE00045adecafc.cpe.net.cable.rogers.com 
connected, duration 4 seconds
May 25 21:39:38 2E:cesario ftpd[241941]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:38 4D:cesario fftpd[241941]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:38 2002
May 25 21:39:39 2E:cesario ftpd[242763]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:39 4D:cesario fftpd[242763]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:39 2002
May 25 21:39:39 4D:cesario fftpd[241941]: FTP LOGIN REFUSED FROM CPE00045adecafc.cpe.net.cable.rogers.com, unknown
May 25 21:39:39 4D:cesario fftpd[241941]: 241941: 05/25/102 21:39:38 unknown () CPE00045adecafc cpe net cable rogers 
com connected, duration 1 seconds
May 25 21:39:39 4D:cesario fftpd[242763]: 242763: 05/25/102 21:39:39 CPE00045adecafc.cpe.net.cable.rogers.com 
connected, duration 0 seconds
May 25 21:39:40 3D:cesario httpd[96927]: [error] [client 24.100.158.35] Invalid method in request ^E^A
May 25 21:39:40 3D:cesario httpd[121042]: [error] [client 24.100.158.35] Invalid method in request ^E^A^B
May 25 21:39:41 3D:cesario httpd[143202]: [error] [client 24.100.158.35] Invalid method in request ^A
May 25 21:39:41 3D:cesario httpd[97156]: [error] [client 24.100.158.35] Invalid method in request ^Z
May 25 21:39:42 2E:cesario ftpd[242320]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:42 4D:cesario fftpd[242320]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:42 2002
May 25 21:39:43 4D:cesario fftpd[242320]: ANONYMOUS FTP LOGIN REFUSED FROM CPE00045adecafc.cpe.net.cable.rogers.com
May 25 21:39:44 4D:cesario fftpd[242320]: 242320: 05/25/102 21:39:42 CPE00045adecafc.cpe.net.cable.rogers.com 
connected, duration 2 seconds
May 25 21:39:45 3D:cesario httpd[92409]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.htm
May 25 21:39:45 3D:cesario httpd[142597]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.cgi
May 25 21:39:46 3D:cesario httpd[142455]: [error] [client 24.100.158.35] Invalid URI in request GET 
/../invalidfilename.htm HTTP/1.0
May 25 21:39:46 3D:cesario httpd[96923]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.htm
May 25 21:39:47 3D:cesario httpd[141854]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.cgi
May 25 21:39:47 3D:cesario httpd[96289]: [error] [client 24.100.158.35] Invalid URI in request GET 
/../invalidfilename.htm HTTP/1.0
May 25 21:39:48 3D:cesario httpd[140897]: [error] [client 24.100.158.35] Invalid method in request ^E^A
May 25 21:39:48 3D:cesario httpd[227639]: [error] [client 24.100.158.35] Invalid method in request ^E^A^B
May 25 21:39:48 3D:cesario httpd[142633]: [error] [client 24.100.158.35] Invalid method in request ^Z
May 25 21:39:48 3D:cesario httpd[140893]: [error] [client 24.100.158.35] Invalid method in request ^A
May 25 21:39:48 6D:cesario httpd[142412]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../sensepost.exe: 2 
candidates
May 25 21:39:48 6D:cesario httpd[97118]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../sensepost.exe: 2 
candidates
May 25 21:39:49 6D:cesario httpd[97268]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd1.exe: 2 
candidates
May 25 21:39:49 2E:cesario ftpd[226317]: twist CPE00045adecafc.cpe.net.cable.rogers.com to /usr/share/sbin/fftpd
May 25 21:39:49 6D:cesario httpd[141655]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd1.exe: 2 
candidates
May 25 21:39:49 4D:cesario fftpd[226317]: connection from CPE00045adecafc.cpe.net.cable.rogers.com at Sat May 25 
21:39:49 2002
May 25 21:39:50 6D:cesario httpd[96950]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd.exe: 2 
candidates
May 25 21:39:50 6D:cesario httpd[142413]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd.exe: 2 
candidates
May 25 21:39:50 4D:cesario fftpd[226317]: ANONYMOUS FTP LOGIN REFUSED FROM CPE00045adecafc.cpe.net.cable.rogers.com
May 25 21:39:50 3D:cesario httpd[95395]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/sensepost.exe
May 25 21:39:51 3D:cesario httpd[142592]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/sensepost.exe
May 25 21:39:51 3D:cesario httpd[142625]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd1.exe
May 25 21:39:51 3D:cesario httpd[142578]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd1.exe
May 25 21:39:52 4D:cesario fftpd[226317]: 226317: 05/25/102 21:39:49 CPE00045adecafc.cpe.net.cable.rogers.com 
connected, duration 3 seconds
May 25 21:39:52 3D:cesario httpd[143240]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd.exe
May 25 21:39:53 3D:cesario httpd[178078]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd.exe
May 25 21:39:53 3D:cesario httpd[142666]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.htm
May 25 21:39:53 3D:cesario httpd[97315]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/sensepost.exe
May 25 21:39:54 3D:cesario httpd[97180]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/sensepost.exe
May 25 21:39:54 3D:cesario httpd[143106]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.cgi
May 25 21:39:54 3D:cesario httpd[96927]: [error] [client 24.100.158.35] Invalid URI in request GET 
/../invalidfilename.htm HTTP/1.0
May 25 21:39:54 3D:cesario httpd[142980]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/cmd1.exe
May 25 21:39:54 3D:cesario httpd[121042]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/cmd1.exe
May 25 21:39:54 3D:cesario httpd[142395]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.htm
May 25 21:39:55 3D:cesario httpd[143202]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/cmd.exe
May 25 21:39:55 3D:cesario httpd[97156]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/invalidfilename.cgi
May 25 21:39:55 3D:cesario httpd[142554]: [error] [client 24.100.158.35] Invalid URI in request GET 
/../invalidfilename.htm HTTP/1.0
May 25 21:39:55 3D:cesario httpd[96892]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/cmd.exe
May 25 21:39:56 6D:cesario httpd[142597]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../sensepost.exe: 2 
candidates
May 25 21:39:56 3D:cesario httpd[92409]: [error] [client 24.100.158.35] client denied by server configuration: 
/usr/local/apache/cgi-bin/sensepost.exe
May 25 21:39:56 3D:cesario httpd[96923]: [error] [client 24.100.158.35] client denied by server configuration: 
/usr/local/apache/cgi-bin/sensepost.exe
May 25 21:39:56 6D:cesario httpd[142455]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../sensepost.exe: 2 
candidates
May 25 21:39:57 3D:cesario httpd[141854]: [error] [client 24.100.158.35] client denied by server configuration: 
/usr/local/apache/cgi-bin/cmd1.exe
May 25 21:39:57 6D:cesario httpd[96289]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd1.exe: 2 
candidates
May 25 21:39:57 3D:cesario httpd[140897]: [error] [client 24.100.158.35] client denied by server configuration: 
/usr/local/apache/cgi-bin/cmd1.exe
May 25 21:39:57 6D:cesario httpd[227639]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd1.exe: 2 
candidates
May 25 21:39:57 3D:cesario httpd[142633]: [error] [client 24.100.158.35] client denied by server configuration: 
/usr/local/apache/cgi-bin/cmd.exe
May 25 21:39:58 6D:cesario httpd[140893]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd.exe: 2 
candidates
May 25 21:39:58 3D:cesario httpd[142412]: [error] [client 24.100.158.35] client denied by server configuration: 
/usr/local/apache/cgi-bin/cmd.exe
May 25 21:39:58 6D:cesario httpd[97118]: [info] [client 24.100.158.35] Spelling fix: /..@/../..@/../cmd.exe: 2 
candidates
May 25 21:39:58 3D:cesario httpd[97268]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_cnf/sensepost.exe
May 25 21:39:59 3D:cesario httpd[141655]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/sensepost.exe
May 25 21:39:59 3D:cesario httpd[96950]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_cnf/sensepost.exe
May 25 21:39:59 3D:cesario httpd[142413]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/sensepost.exe
May 25 21:39:59 3D:cesario httpd[95395]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_cnf/cmd1.exe
May 25 21:39:59 3D:cesario httpd[142592]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd1.exe
May 25 21:40:00 3D:cesario httpd[142625]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_cnf/cmd1.exe
May 25 21:40:00 3D:cesario httpd[142578]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd1.exe
May 25 21:40:00 3D:cesario httpd[143240]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_cnf/cmd.exe
May 25 21:40:00 3D:cesario httpd[96988]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd.exe
May 25 21:40:01 3D:cesario httpd[142059]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_cnf/cmd.exe
May 25 21:40:01 3D:cesario httpd[178078]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/iisadmpwd/cmd.exe
May 25 21:40:01 3D:cesario httpd[142666]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_bin/sensepost.exe
May 25 21:40:01 3D:cesario httpd[97315]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/sensepost.exe
May 25 21:40:02 3D:cesario httpd[97180]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_bin/sensepost.exe
May 25 21:40:03 3D:cesario httpd[143106]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_bin/cmd1.exe
May 25 21:40:03 3D:cesario httpd[96927]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_bin/cmd1.exe
May 25 21:40:04 3D:cesario httpd[142980]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_bin/cmd.exe
May 25 21:40:04 3D:cesario httpd[121042]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/vti_bin/cmd.exe
May 25 21:40:05 3D:cesario httpd[143202]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/sensepost.exe
May 25 21:40:05 6D:cesario httpd[142395]: [info] [client 24.100.158.35] (32)Broken pipe: client stopped connection 
before send body completed
May 25 21:40:06 3D:cesario httpd[142554]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/cmd1.exe
May 25 21:40:06 6D:cesario httpd[97156]: [info] [client 24.100.158.35] (32)Broken pipe: client stopped connection 
before send body completed
May 25 21:40:07 6D:cesario httpd[96892]: [info] [client 24.100.158.35] (32)Broken pipe: client stopped connection 
before send body completed
May 25 21:40:08 6D:cesario httpd[142597]: [info] [client 24.100.158.35] (32)Broken pipe: client stopped connection 
before send body completed
May 25 21:40:09 6D:cesario httpd[92409]: [info] [client 24.100.158.35] (32)Broken pipe: client stopped connection 
before send body completed
May 25 21:40:09 3D:cesario httpd[142455]: [error] [client 24.100.158.35] File does not exist: 
/usr/local/apache/htdocs/samples/cmd1.exe
May 25 21:40:10 6D:cesario httpd[96923]: [info] [client 24.100.158.35] (32)Broken pipe: client stopped connection 
before send body completed


cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:35 -0400] "GET / HTTP/1.0" 200 4180 "-" "-" 
[24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:35 -0400] "GET HTTP://www.microsoft.com/ HTTP/1.0" 200 
4180 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:39 -0400] "GET / HTTP/1.0" 200 4180 "-" "-" 
[24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:40 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:40 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:40 -0400] "GET HTTP://www.microsoft.com/ HTTP/1.0" 200 
4180 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:41 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:41 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:44 -0400] "HEAD / HTTP/1.0" 200 0 "-" "-" 
[24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "HEAD" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:45 -0400] "OPTIONS / HTTP/1.0" 200 - "-" "-" 
[24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "OPTIONS" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:45 -0400] "GET /invalidfilename.htm HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.htm" "/invalidfilename.htm" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:45 -0400] "GET /invalidfilename.cgi HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.cgi" "/invalidfilename.cgi" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:46 -0400] "GET /invalidfilename.htm HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.htm" "/invalidfilename.htm" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:47 -0400] "GET /invalidfilename.cgi HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.cgi" "/invalidfilename.cgi" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:48 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:48 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:48 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:48 -0400] "" 501 - "-" "-" [24.100.158.35] 
"/usr/local/apache/htdocs/index.html" "/" "" "HTTP/0.9"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:50 -0400] "GET /iisadmpwd/sensepost.exe?/c+dir 
HTTP/1.0" 404 343 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:51 -0400] "GET /iisadmpwd/sensepost.exe?/c+dir 
HTTP/1.0" 404 343 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:51 -0400] "GET /iisadmpwd/cmd1.exe?/c+dir HTTP/1.0" 404 
338 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:51 -0400] "GET /iisadmpwd/cmd1.exe?/c+dir HTTP/1.0" 404 
338 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:52 -0400] "GET /iisadmpwd/cmd.exe?/c+dir HTTP/1.0" 404 
337 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:52 -0400] "HEAD / HTTP/1.0" 200 0 "-" "-" 
[24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "HEAD" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:53 -0400] "OPTIONS / HTTP/1.0" 200 - "-" "-" 
[24.100.158.35] "/usr/local/apache/htdocs/index.html" "/" "OPTIONS" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:53 -0400] "GET /iisadmpwd/cmd.exe?/c+dir HTTP/1.0" 404 
337 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:53 -0400] "GET /invalidfilename.htm HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.htm" "/invalidfilename.htm" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:53 -0400] "GET /samples/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:54 -0400] "GET /samples/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:54 -0400] "GET /invalidfilename.cgi HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.cgi" "/invalidfilename.cgi" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:54 -0400] "GET /samples/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:54 -0400] "GET /samples/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:54 -0400] "GET /invalidfilename.htm HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.htm" "/invalidfilename.htm" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:55 -0400] "GET /samples/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:55 -0400] "GET /invalidfilename.cgi HTTP/1.0" 404 339 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/invalidfilename.cgi" "/invalidfilename.cgi" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:55 -0400] "GET /samples/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:58 -0400] "GET /vti_cnf/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:59 -0400] "GET /iisadmpwd/sensepost.exe?/c+dir 
HTTP/1.0" 404 343 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:59 -0400] "GET /vti_cnf/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:59 -0400] "GET /iisadmpwd/sensepost.exe?/c+dir 
HTTP/1.0" 404 343 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:59 -0400] "GET /vti_cnf/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:39:59 -0400] "GET /iisadmpwd/cmd1.exe?/c+dir HTTP/1.0" 404 
338 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:00 -0400] "GET /vti_cnf/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:00 -0400] "GET /iisadmpwd/cmd1.exe?/c+dir HTTP/1.0" 404 
338 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:00 -0400] "GET /vti_cnf/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:00 -0400] "GET /iisadmpwd/cmd.exe?/c+dir HTTP/1.0" 404 
337 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:01 -0400] "GET /vti_cnf/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:01 -0400] "GET /iisadmpwd/cmd.exe?/c+dir HTTP/1.0" 404 
337 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/iisadmpwd" "/iisadmpwd/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:01 -0400] "GET /vti_bin/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:01 -0400] "GET /samples/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:02 -0400] "GET /vti_bin/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:03 -0400] "GET /vti_bin/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:03 -0400] "GET /vti_bin/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:04 -0400] "GET /vti_bin/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:04 -0400] "GET /vti_bin/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:05 -0400] "GET /samples/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:06 -0400] "GET /samples/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:09 -0400] "GET /samples/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:10 -0400] "GET /samples/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:10 -0400] "GET /sensepost.exe?/c+dir HTTP/1.0" 404 333 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/sensepost.exe" "/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:11 -0400] "GET /samples/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/samples" "/samples/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:11 -0400] "GET /sensepost.exe?/c+dir HTTP/1.0" 404 333 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/sensepost.exe" "/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:12 -0400] "GET /cmd1.exe?/c+dir HTTP/1.0" 404 328 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd1.exe" "/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:12 -0400] "GET /cmd1.exe?/c+dir HTTP/1.0" 404 328 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd1.exe" "/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:13 -0400] "GET /cmd.exe?/c+dir HTTP/1.0" 404 327 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd.exe" "/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:13 -0400] "GET /cmd.exe?/c+dir HTTP/1.0" 404 327 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd.exe" "/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:16 -0400] "GET /vti_cnf/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:16 -0400] "GET /vti_cnf/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:17 -0400] "GET /vti_cnf/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:17 -0400] "GET /vti_cnf/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:19 -0400] "GET /vti_cnf/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:19 -0400] "GET /vti_cnf/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_cnf" "/vti_cnf/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:20 -0400] "GET /vti_bin/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:21 -0400] "GET /vti_bin/sensepost.exe?/c+dir HTTP/1.0" 
404 341 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:21 -0400] "GET /vti_bin/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:22 -0400] "GET /vti_bin/cmd1.exe?/c+dir HTTP/1.0" 404 
336 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:22 -0400] "GET /vti_bin/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:23 -0400] "GET /vti_bin/cmd.exe?/c+dir HTTP/1.0" 404 
335 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/vti_bin" "/vti_bin/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:30 -0400] "GET /sensepost.exe?/c+dir HTTP/1.0" 404 333 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/sensepost.exe" "/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:31 -0400] "GET /sensepost.exe?/c+dir HTTP/1.0" 404 333 
"-" "-" [24.100.158.35] "/usr/local/apache/htdocs/sensepost.exe" "/sensepost.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:32 -0400] "GET /cmd1.exe?/c+dir HTTP/1.0" 404 328 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd1.exe" "/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:32 -0400] "GET /cmd1.exe?/c+dir HTTP/1.0" 404 328 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd1.exe" "/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:33 -0400] "GET /cmd.exe?/c+dir HTTP/1.0" 404 327 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd.exe" "/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com - - [25/May/2002:21:40:34 -0400] "GET /cmd.exe?/c+dir HTTP/1.0" 404 327 "-" 
"-" [24.100.158.35] "/usr/local/apache/htdocs/cmd.exe" "/cmd.exe" "GET" "HTTP/1.0"

cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:06 -0400] "GET /msadc/sensepost.exe?/c+dir 
HTTP/1.0" 200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/msadc/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:07 -0400] "GET /msadc/cmd.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/msadc/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:08 -0400] "GET /scripts/sensepost.exe?/c+dir 
HTTP/1.0" 200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/scripts/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:09 -0400] "GET /scripts/cmd1.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/scripts/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:10 -0400] "GET /scripts/cmd.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/scripts/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:12 -0400] "GET /msadc/cmd1.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/msadc/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:25 -0400] "GET /msadc/sensepost.exe?/c+dir 
HTTP/1.0" 200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/msadc/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:26 -0400] "GET /msadc/cmd1.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/msadc/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:27 -0400] "GET /msadc/cmd.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/msadc/cmd.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:28 -0400] "GET /scripts/sensepost.exe?/c+dir 
HTTP/1.0" 200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/scripts/sensepost.exe" "GET" 
"HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:29 -0400] "GET /scripts/cmd1.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/scripts/cmd1.exe" "GET" "HTTP/1.0"
cpe00045adecafc.cpe.net.cable.rogers.com unknown - [25/May/2002:21:40:30 -0400] "GET /scripts/cmd.exe?/c+dir HTTP/1.0" 
200 65536 "-" "-" [24.100.158.35] "/usr/local/apache/htdocs/scripts/zero" "/scripts/cmd.exe" "GET" "HTTP/1.0"


-- 
Allen Smith                     http://cesario.rutgers.edu/easmith/
September 11, 2001              A Day That Shall Live In Infamy II
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." - Benjamin Franklin

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]