This is what I received in Apache Week.
In the news
IIS vulnerabilities show up in Apache log files
We've received a large number of messages over the last few days from system administrators who have seen worrying entries in their Apache access logs. The requests look like this: 192.168.2.12 - - [19/Jul/2001:16:55:47 +0100] "GET /default.ida?NNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3% u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 400 252 -
If you are running Apache there is nothing to worry about, these requests are part of the [3]Code Red Worm virus designed to search out vulnerable IIS servers running on Windows.
However if you'd like to become vulnerable to attacks such as this, Microsoft have a toolkit that will let to migrate from [4]Apache to IIS. (Allegedly the last step is append the text "3L33T crew ownz you" to the bottom of all your web pages to save the crackers some time)
Regards pankaj