On Mon, Dec 02, 2002 at 02:59:32PM +0100, Mathieu Laurent wrote: > It 's not the error messages when logrotate reload apache config. I have > this problem after a request. > > I have two webserver with the same config. And I can see that the two > servers receive this request and one of them died after. > > I see on the mails in this discussion ( > http://lists.debian.org/debian-security/2002/debian-security-200209/msg00303.html > > ) that apache gives this error message (client sent HTTP/1.1 request > without hostname (see RFC2616 section 14.23): /) when it receives request > from the worm. > > When I check the log from this fatal request on the other server, I have > this: > [Fri Nov 29 15:06:39 2002] [error] [client xxx.xx.x.x] client sent > HTTP/1.1 request without hostname (see RFC2616 section 14.23): /[Fri Nov > 29 15:06:51 2002] [error] mod_ssl: SSL handshake failed (server > xxxxxxx::443, client xxx.xx.x.x (OpenSSL library error follows) > [Fri Nov 29 15:06:52 2002] [error] OpenSSL: error:1406B458:SSL > routines:GET_CLIENT_MASTER_KEY:key arg too long > > I have this error message +/- 5 times by day. And sometimes, apache died. >
ok, it's definitively not the same problem! it seems your experienced a kind of ssl DOS??? Can't help you more... -- Easter-eggs Spécialiste GNU/Linux 44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 41 35 00 76 mailto:[EMAIL PROTECTED] - http://www.easter-eggs.com