-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-Type: message/rfc822
X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4 To: [EMAIL PROTECTED] Subject: Re: Suspiciously Weird Apache Log -- HELP In-Reply-To: Your message of "Sat, 30 Aug 2003 21:00:48 EDT." <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii In message <[EMAIL PROTECTED]>, "Reuben D. Budiardja" said: >On Saturday 30 August 2003 10:11 am, MKlinke wrote: >> On Saturday 30 August 2003 01:39, Reuben D. Budiardja wrote: >> > First of all, is this dangerous and make my machine vulnerable? >> > >> > RDB >> >> You should easily be able to duplicate the entry by telnetting into your >> web server on port 80 and issue the same or similar GET request. In my >> case the URL requested is ignored and the web page's proper data is >> returned but like you the entry in the access log show: >> >> "GET http://www.webtwo.com/" 200 16991 "-" "-" >> >> when, for example test this against www.webone.com. >> >> Take a look at the number after the "200"; is it the nuber of bytes >> contined in YOUR web site? If so, that is what was probably displayed. > >OK, I am don't quite understand this. When I tried telnetting to port 80 on my > >own server, and then say >GET http://www.webtwo.com/ > >all I get in reply is the index page of my own server. So I am fine? The proxy >folder in the apache directory also empty > Yes, you're fine. I did some tests today and I get the same behavior. The logs look like it did a proxy transfer, but in reality it just sent my test homepage. jeffl - -- Jeffrey F. Lawhorn |Internet Security Consulting Software Design Associates, Inc. |IDS Installation/Monitoring [EMAIL PROTECTED] 858-679-5900 x:5900|Firewall Installation/Monitoring http://www.wanet.net/ 858-679-2327 fax | What is your network being used for? How do you know? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Exmh version 2.4 05/15/2001 iD8DBQE/UVCS8C9p/jh+J34RAp23AJ470ve4dNlwZp4Q7Oj6qozVcBGuLwCbBf2B kzBAGLL0un63c7V8hJAh2/E= =oJCj -----END PGP SIGNATURE----- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list