R
randal
First off, here is the link I went to and downloaded to run Apache on my Windows 2000 without configuring anything on my machine,
very nice and
simple process...
go to
http://sourceforge.net/projects/servcd/
Which states:
ServCD is a collection of files which allow you to run Apache, Perl, PHP and MySQL from a CD with no configuration. Simply burn
the files provided in the package to a CD can transport PHP projects to any windows system without fear of incompatibility.
and then select VIEW ALL PROJECT FILES
and you can download
Beta 2 has been released.
It includes Apache 1.3.27, PHP 4.3.1, MySQL 3.23.56, Perl 5.8.0 and PHPMyAdmin 2.4.0.
Can be used from Hard Drive or CD.
So I downloaded and unzipped to my drive using RAR and then took my html files and set in the WWW directory and sure enough, all
works well. If I ever want to play around with CGI and PHP guess this is the first step.
~~~~~HERE IS THE QUESTION~~~~~
So I then took a look at the server error log and saw:
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/scripts/root.exe
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/msadc/root.exe
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/c/winnt/system32/cmd.exe
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/d/winnt/system32/cmd.exe
SNIP SNIP SNIP
and was wondering - Does this mean this person was trying to get to my command line in my machine? The IP address is there and I
can see the attempts were made to try a lot of ways to get to certain files and snipped most the log, but is this someone who
tried to get to things they shouldn't? What few times I have had the server running I do get about 3 IP addresses with these types
of error messages. Within say two hours.
How secure is this? Should I configure anything else in the PHP.ini or httpd.conf files for apache?
If this was someone who was trying to run vicious scripts on my machine and I know this IP comes from the Houston based Road
Runner ISP, should I report this person? A simple tracert told me that much...
Kinda paranoid at first leaving my computer on with this running but trying to see if this is how to set up a server.
Also - is there a way to get a program to up my ip dynamic address if it changes so people can still find me? And should I first
register a domain name and then configure this as the only way I can use it thus far is to give people my IP addy but I know that
will change every few months by my ISP, so how do you use a dynamic IP if it changes and still get people to your server?
Thanks for any insight...
randal
very nice and
simple process...
go to
http://sourceforge.net/projects/servcd/
Which states:
ServCD is a collection of files which allow you to run Apache, Perl, PHP and MySQL from a CD with no configuration. Simply burn
the files provided in the package to a CD can transport PHP projects to any windows system without fear of incompatibility.
and then select VIEW ALL PROJECT FILES
and you can download
Beta 2 has been released.
It includes Apache 1.3.27, PHP 4.3.1, MySQL 3.23.56, Perl 5.8.0 and PHPMyAdmin 2.4.0.
Can be used from Hard Drive or CD.
So I downloaded and unzipped to my drive using RAR and then took my html files and set in the WWW directory and sure enough, all
works well. If I ever want to play around with CGI and PHP guess this is the first step.
~~~~~HERE IS THE QUESTION~~~~~
So I then took a look at the server error log and saw:
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/scripts/root.exe
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/msadc/root.exe
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/c/winnt/system32/cmd.exe
[Fri Jan 09 12:03:32 2004] [error] [client 24.174.89.125] File does not exist: /servcd/www/d/winnt/system32/cmd.exe
SNIP SNIP SNIP
and was wondering - Does this mean this person was trying to get to my command line in my machine? The IP address is there and I
can see the attempts were made to try a lot of ways to get to certain files and snipped most the log, but is this someone who
tried to get to things they shouldn't? What few times I have had the server running I do get about 3 IP addresses with these types
of error messages. Within say two hours.
How secure is this? Should I configure anything else in the PHP.ini or httpd.conf files for apache?
If this was someone who was trying to run vicious scripts on my machine and I know this IP comes from the Houston based Road
Runner ISP, should I report this person? A simple tracert told me that much...
Kinda paranoid at first leaving my computer on with this running but trying to see if this is how to set up a server.
Also - is there a way to get a program to up my ip dynamic address if it changes so people can still find me? And should I first
register a domain name and then configure this as the only way I can use it thus far is to give people my IP addy but I know that
will change every few months by my ISP, so how do you use a dynamic IP if it changes and still get people to your server?
Thanks for any insight...
randal