我发现log文件特别大，其中占了3/4的是
212.251.146.73 - - [06/May/2004:11:05:45 +0900] "SEARCH /HTTP/1.0 \x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1V" 414 332
这样的东西，谁知道这是什么玩意儿？
不是完全一样，反正差不多。

我用UltraEdit把这些东西都去掉了，EditPlus是不行事，稍微大点的文件处理起来就死机了，用了50多M内存还没还没完成任务，最后我强制中断EditPlus程序运行。还是UltraEdit厉害，2秒钟不到就搞定了。

Same ip address all the time? Block the ip. Add a "Deny from 68.103.169.233" to the /etc/httpd/httpd.conf file in the appropriate area. Keep in mind that it might be a completely innocent user at the other end that can no longer access your site.

It's the IIS WebDAV exploit: http://edgeos.com/threats/details.php?id=11413
http://www.microsoft.com/technet/security/bulletin/ms03-007.mspx

If you're running Apache on *nix, those lines are just annoying (but can cause problems with Webalizer). If you have IIS, better start patching ASAP!

If you run a web server, there's not much you can do to stop people from sending it bogus commands (like you saw).
But if your concern is merely to stop this stuff being logged, there might be some Apache log configuration settings that you could tweak. But I wouldn't fiddle with that - instead just filter it out when you look at the logs.
E.g. grep -v SEARCH /var/log/apache/access_log
will show you all lines except those containing SEARCH.