| 1 |
quoth the Iain Buchanan: |
| 2 |
> On Fri, 2008-06-13 at 00:31 -0600, Joseph wrote: |
| 3 |
> > I have in my main "htaccess" file the following condition, is it still |
| 4 |
> > needed: ---------code------------ |
| 5 |
> > # The following makes adjustments to the SSL protocol for Internet |
| 6 |
> > # Explorer browsers |
| 7 |
> > |
| 8 |
> > <IfModule mod_rewrite.c> |
| 9 |
> > RedirectMatch permanent (.*)cmd.exe(.*)$ http://www.microsoft.com |
| 10 |
> > RedirectMatch permanent (.*)root.exe(.*)$ http://www.microsoft.com |
| 11 |
> > RedirectMatch permanent (.*)\/_vti_bin\/(.*)$ http://www.microsoft.com |
| 12 |
> > RedirectMatch permanent (.*)\/scripts\/\.\.(.*)$ http://www.microsoft.com |
| 13 |
> > RedirectMatch permanent (.*)\/_mem_bin\/(.*)$ http://www.microsoft.com |
| 14 |
> > RedirectMatch permanent (.*)\/msadc\/(.*)$ http://www.microsoft.com |
| 15 |
> > RedirectMatch permanent (.*)\/MSADC\/(.*)$ http://www.microsoft.com |
| 16 |
> > RedirectMatch permanent (.*)\/c\/winnt\/(.*)$ http://www.microsoft.com |
| 17 |
> > RedirectMatch permanent (.*)\/d\/winnt\/(.*)$ http://www.microsoft.com |
| 18 |
> > RedirectMatch permanent (.*)\/x90\/(.*)$ http://www.microsoft.com |
| 19 |
> > </IfModule> |
| 20 |
> |
| 21 |
> hee hee! When I had my apache webserver public, I used to get all these |
| 22 |
> requests for wierd url's like that. Then I realised it was just the |
| 23 |
> script kiddies trying the usual exploits that didn't exist. It's |
| 24 |
> probably safe to leave or delete as you see fit. |
| 25 |
|
| 26 |
Yeah, these sorts of requests have all but dried up on my server over the last |
| 27 |
few years, but it was fun to have them all hammer on Microsoft's servers |
| 28 |
rather than mine. |
| 29 |
|
| 30 |
> don't know about the rest of your questions :) |
| 31 |
|
| 32 |
Me neither, but if I was to hazard a guess, I would say that: |
| 33 |
|
| 34 |
RewriteCond %{QUERY_STRING} :/ [NC] |
| 35 |
RewriteRule ^ - [F] |
| 36 |
|
| 37 |
matches any query strings with ":/" in them, and returns a 403 forbidden |
| 38 |
error. Though, I am not sure ":/" is interpreted literally or not. Doesn't |
| 39 |
look like any PCRE i've seen... |
| 40 |
|
| 41 |
|
| 42 |
> -- |
| 43 |
> Iain Buchanan <iaindb at netspace dot net dot au> |
| 44 |
> |
| 45 |
> Nothing can be done in one trip. |
| 46 |
> -- Snider |
| 47 |
|
| 48 |
-d |
| 49 |
-- |
| 50 |
darren kirby :: Part of the problem since 1976 :: http://badcomputer.org |
| 51 |
"...the number of UNIX installations has grown to 10, with more expected..." |
| 52 |
- Dennis Ritchie and Ken Thompson, June 1972 |
| 53 |
-- |
| 54 |
gentoo-user@l.g.o mailing list |
Archives