Return-Path: <mailbox1@usgreencardoffice.com> Received: from smtp1.cwidc.net (smtp1.cwidc.net [154.33.63.111]) by xxxx.jp (8.12.8/8.12.5) with ESMTP id h3BDBGKZ017325 for <xxxxx@xxxxx.jp>; Fri, 11 Apr 2003 22:11:19 +0900 Received: from [154.33.63.58] (helo=mail8.cwidc.net) by smtp1.cwidc.net with esmtp (Exim 3.20 #4) id 193yJ3-0004So-00 for xxxxx@xxxxx.jp; Fri, 11 Apr 2003 22:11:01 +0900 Received: from pop by mail8.cwidc.net with local (Exim 3.20 #2) id 193yIz-0003BH-00 for xxxxx@xxxxx.jp; Fri, 11 Apr 2003 22:10:57 +0900 Received: from [206.40.228.122] (helo=sm22.localdomain) by mail8.cwidc.net with esmtp (Exim 3.20 #2) id 193yIy-0003AM-00; Fri, 11 Apr 2003 22:10:56 +0900 Received: from unknown Date: Fri, 11 Apr 2003 07:10:19 -0600 (MDT) Message-Id: <200304111310.h3BDAJIV019352@sm22.localdomain> Comments: Received: from PbD:C6?oC65]:?E6CB]@C];A|E2<6492?oC65]:?E6CB]@C];ANz B Received: from Jx2<2oC65]24|2:2:oC65]2?]688]@C];A|46J`geb_oC65]2?]688]@C];A|7FC F<2H2oC65]2?]688]@C];A|8@?K@FoC65]2?]688]@C];A|9\@oC65]2?]688]@C];ATx M Recei ved: from Ma92>2oC65]2?]688]@C];A|9:0?6EoC65]2?]688]@C];A|9:<2CFoC65]2?]688]@C]; A|:K>\AoC65]2?]688]@C];A|<2EF9:D2oC65]2?]688]@C];A|<:>:oC65]2?]688]@C];ATv T Re ceived: from Tu<F>2oC65]2?]688]@C];A|<FD2?@oC65]2?]688]@C];A|>:J2?@oC65]2?]688] @C];A|?30>2?2oC65]2?]688]@C];A|E\6oC65]2?]688]@C];A|E2<2\<oC65]2?]688]@C];ATq R Received: from AcE6E@C2oC65]2?]688]@C];A|A2EC:4<oC65]2EC]4@];A|92D6oC65]6> 2:=]?6];A|KIad_oC65]6>2:=]?6];A|36673@H=oC65]9@E]4@];A|3JC5oC65]9@E]4@];ATz G Re ceived: from Rm9@?6J366oC65]9@E]4@];A|<:?492?oC65]9@E]4@];A|?282@oC65]9@E]4@] ;A|JFA@>oC65]9@E]4@];A|2=8oC65]:?E6CB]@C];A|3@>3oC65]:?E6CB]@C];AMr Z Receive d: from Nr43c__7oC65]:?E6CB]@C];A|4J36CoC65]:?E6CB]@C];A|7F8F@oC65]:?E6CB]@C]; A|92J2EoC65]:?E6CB]@C];A|9:C@E@oC65]:?E6CB]@C];A|9@C:<:E2oC65]:?E6CB]@C];ATT T Received: from Nz<2KF9:C@oC65]:?E6CB]@C];A|<:5oC65]:?E6CB]@C];A|<@3@=5DoC65]: ?E6CB]@C];A|>2DoC65]:?E6CB]@C];A|>2D2@oC65]:?E6CB]@C];A|>:J23:oC65]:?E6CB]@C]; ARb Y Received: from PQ?:;:oC65]:?E6CB]@C];A|?@<@oC65]:?E6CB]@C];A|D2326oC65]: ?E6CB]@C];A|D249:oC65]:?E6CB]@C];A|D6?36:oC65]:?E6CB]@C];A|D:=6?46oC65]:?E6CB] @C];ARz M Errors: mailbox1@usgreencardoffice.com From: "US Green Card Office Ltd." <mailbox1@usgreencardoffice.com> To: Customer <customer@usgreencardoffice.com> Subject: Get a Green Card for USA MIME-Version: 1.0 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Status: 0092DNS未登録さん03/04/13 20:57ID:??? うざい 219.140.150.166 - - [13/Apr/2003:16:51:23 +0900] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 1045 "-" "-" 219.140.150.166 - - [13/Apr/2003:16:51:26 +0900] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 1045 "-" "-" ・ ・ ・
前にCodeRedに対抗するCode Greenてのが来たけど もう来ないな。 またこないかな。 0093DNS未登録さん03/04/15 13:45ID:??? OrgName: Asia Pacific Network Information Centre NetRange: 202.0.0.0 - 203.255.255.255 CIDR: 202.0.0.0/7
あと、ガーラって調査会社のロボット検索もウザイ ⇒211.4.250.133 0103DNS未登録さん03/04/16 15:34ID:??? OrgName: Asia Pacific Network Information Centre OrgID: APNIC Address: PO Box 2131 City: Milton StateProv: QLD PostalCode: 4064 Country: AU
NetRange: 12.0.0.0 - 12.255.255.255 CIDR: 12.0.0.0/8 NetName: ATT NetHandle: NET-12-0-0-0-1 0105DNS未登録さん03/04/16 15:37ID:??? Network Information: [ネットワーク情報] a. [IPネットワークアドレス] 211.4.250.0 b. [ネットワーク名] I2TS-NET f. [組織名] 株式会社イーツ g. [Organization] I2ts Inc., m. [運用責任者] MK5986JP n. [技術連絡担当者] HI1771JP n. [技術連絡担当者] MK5986JP
マジレスすると普通に Your environment is infected with the virus and it is troubled. Please carry out somehow. とかのほうが(文字コードだなんだ考えずに済んで)いいと思います。 0162148-15903/05/12 13:50ID:???>>160 あ、そうだったんですか。 うちが荒らされたりする分にゃ自分が我慢すれば済むけど、よそ様まで巻き込むのは不本意です。 教えていただいた「SetEnvIf HOST FQDN allowed01」を勉強のために検索してみました。
「Host:ヘッダーを指定しないリクエストを拒否する方法。」として、「ワームは、DNSの逆引きでもしない限り HostヘッダにFQDN名をセットできない、よってIPアドレス指定でアクセスしてきても、404 Object Not Foundエ ラーが返る。」とありましたので、httpd.confに設定してみました。
Port State Service 7/tcp open echo 9/tcp open discard 13/tcp open daytime 17/tcp open qotd 19/tcp open chargen 21/tcp open ftp 25/tcp open smtp 80/tcp open http 135/tcp open loc-srv 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 443/tcp open https 445/tcp filtered microsoft-ds 1025/tcp open NFS-or-IIS 1026/tcp open LSA-or-nterm 6699/tcp open napster 017903/06/14 03:25ID:??? いろいろ情報が見れて楽しいね、他にもっと見れる情報無いかな?
*----> System Information <----* Computer Name: CISCO-ACS User Name: Administrator Number of Processors: 1 Processor Type: x86 Family 6 Model 8 Stepping 10 Windows 2000 Version: 5.0 Current Build: 2195 Service Pack: None Current Type: Uniprocessor Free Registered Organization: prestel Registered Owner: okada