66.70.86.100
This is all I could locate...
DataPipe DATAPIPE-BLK3 (NET-66-70-0-0-1)
66.70.0.0 - 66.70.127.255
Armand Rousso DP-66-70-86-100 (NET-66-70-86-100-1)
66.70.86.100 - 66.70.86.109
# ARIN WHOIS database, last updated 2003-06-09 21:05
Plus I got these types of log entries...
"HEAD /_mem_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 "-" "-"
HEAD /_mem_bin/check.bat/
"HEAD /_vti_bin/
HEAD /a.asp/..%c1%9c../..%c1%9c..\\winnt\\repair\\sam._
HEAD /bin/scripts/
HEAD /cgi/check.bat
HEAD /exchange/check.bat/
HEAD /msadc/
HEAD /PBServer/check.bat/
HEAD /scripts/
HEAD /_mem_bin/check.bat/
There are over 100 different lines from this one numeric url. What are they doing and why? Are they anything to be concerned about?
Thanks for any help, as I'm totally confused. If I placed this in the wrong forum, please let me know, thanks.
(LOL)
What you are seeing is the signature of a NIMDA-infected server. It's trying to pass the virus on to your server. If you are on Apache, or on a Windows server with up-to-date patches, then this is nothing more than an annoyance.
I noticed that one of the hosting services I use has taken a clever approach to these requests: Rather than returning the standard 404 or 403 response page, they made up a special blank page, set the server to remove almost all of the HTTP response headers, and then redirected these requests to those stripped-down response pages. The result is that each reply is only a few bytes long, so this conserves server and network bandwidth until they get around to black-holing the offender at the firewall.
You can do something similar using .htaccess at a user-level.
Jim
It's a bit of work, and I haven't done exactly that. However, reference to the Apache mod_rewrite and mod_headers documentation [httpd.apache.org] should get you going.
The basic idea is to redirect requests for the regular-expressions pattern cmd\.exe$ to a "special" blank file, and "manually" delete and/or shorten the header served with that filename.
If I get some time, I'll play with it. But right now, things are kinda busy, and it's pay, not play, that I have to work on... ;)
HTH,
Jim
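For anyone who wants to measure this traffic before deciding what to block, here is an added example (not code from any poster in this thread) that flags the kind of requests quoted in the first post and counts them per client. It assumes Apache common/combined log format; the function names are hypothetical and the sample lines are constructed from the thread's paths with documentation-range addresses.

```python
import re
from collections import Counter

# Apache common/combined log line: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "[A-Z]+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')
# Bytes 0xC0 and 0xC1 are never valid in UTF-8; percent-encoded, they mark the
# malformed/overlong "slash" forms seen above (..%c0%2f.. and ..%c1%9c..).
OVERLONG_RE = re.compile(r'%c[01]%[0-9a-f]{2}', re.I)
# Targets and directories taken from the log lines quoted in the thread.
TARGET_RE = re.compile(r'cmd\.exe|check\.bat|winnt[/\\]+(system32|repair)', re.I)
PROBE_DIR_RE = re.compile(r'^/(_mem_bin|_vti_bin|msadc|scripts|pbserver|exchange)(/|$)', re.I)

def classify(path):
    """Return the reasons a request path looks like an IIS probe (empty if none)."""
    reasons = []
    if OVERLONG_RE.search(path):
        reasons.append("overlong-utf8")
    if TARGET_RE.search(path):
        reasons.append("windows-target")
    if PROBE_DIR_RE.search(path):
        reasons.append("iis-directory")
    return reasons

def summarize(lines):
    """Count probe requests per client; list probes that did not get a 4xx reply."""
    hits, answered = Counter(), []
    for line in lines:
        m = LOG_RE.match(line)
        reasons = classify(m["path"]) if m else []
        if reasons:
            hits[m["ip"]] += 1
            if not m["status"].startswith("4"):
                answered.append((m["ip"], m["path"], m["status"]))
    return hits, answered

# Constructed sample input (paths from the thread, addresses from 192.0.2.0/24 etc.).
SAMPLE = [
    r'192.0.2.10 - - [09/Jun/2003:21:05:01 +0000] "HEAD /_mem_bin/..%c0%2f..%c0%2f..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0 "-" "-"',
    r'192.0.2.10 - - [09/Jun/2003:21:05:02 +0000] "HEAD /a.asp/..%c1%9c../..%c1%9c..\\winnt\\repair\\sam._ HTTP/1.0" 404 0 "-" "-"',
    r'192.0.2.10 - - [09/Jun/2003:21:05:03 +0000] "HEAD /msadc/ HTTP/1.0" 404 0 "-" "-"',
    r'192.0.2.10 - - [09/Jun/2003:21:05:04 +0000] "HEAD /scripts/ HTTP/1.0" 200 0 "-" "-"',
    r'198.51.100.7 - - [09/Jun/2003:21:06:00 +0000] "GET /index.html HTTP/1.0" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    hits, answered = summarize(SAMPLE)
    print(dict(hits), answered)
```

The second list is the one to look at first: a probe that received something other than a 4xx status means the path exists on your server and deserves a manual check. URLs that carry Latin-1 percent-encoded text can trip the overlong rule, so treat a lone "overlong-utf8" hit as a lead rather than a verdict.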