On Saturday 30 August 2003 10:11 am, MKlinke wrote: > On Saturday 30 August 2003 01:39, Reuben D. Budiardja wrote: > > First of all, is this dangerous and make my machine vulnerable? > > > > RDB > > You should easily be able to duplicate the entry by telnetting into your > web server on port 80 and issue the same or similar GET request. In my > case the URL requested is ignored and the web page's proper data is > returned but like you the entry in the access log show: > > "GET http://www.webtwo.com/"; 200 16991 "-" "-" > > when, for example test this against www.webone.com. > > Take a look at the number after the "200"; is it the nuber of bytes > contined in YOUR web site? If so, that is what was probably displayed.
OK, I am don't quite understand this. When I tried telnetting to port 80 on my own server, and then say GET http://www.webtwo.com/ all I get in reply is the index page of my own server. So I am fine? The proxy folder in the apache directory also empty Thanks. RDB > Regards, Mike Klinke -- Reuben D. Budiardja Department of Physics and Astronomy The University of Tennessee, Knoxville, TN ------------------------------------------------- /"\ ASCII Ribbon Campaign against HTML \ / email and proprietary format X attachments. / \ ------------------------------------------------- Have you been used by Microsoft today? Choose your life. Choose freedom. Choose LINUX. ------------------------------------------------- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
