Re: ot? apache directory listing mysteries
On Wed, Sep 18, 2002 at 04:33:25AM +0700, Jean Christophe ANDRÉ wrote:
> Did you take a look at the Referer of those access? It might help you to track it down...

That just might be how they get them in the first place. If your buddy downloaded the file and then contacted google.com there are chances that his browser sent the previous URL visited [0]. If it was added in google's database maybe somebody found this after a web search (although the fact that the referer is empty points that this might not be the case).

Just my 2c.

Javi

[0] is this a FUD? I believe google uses this as part of his spidering process, I'm also not sure if the browser would provide this information, though.

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: ot? apache directory listing mysteries
Hi,

Javier Fernández-Sanguino Peña wrote:
> On Wed, Sep 18, 2002 at 04:33:25AM +0700, Jean Christophe ANDRÉ wrote:
> > Did you take a look at the Referer of those access? It might help you to track it down...
>
> That just might be how they get them in the first place. If your buddy downloaded the file and then contacted google.com there are chances that his browser sent the previous URL visited [0]. If it was added in google's database maybe somebody found this after a web search (although the fact that the referer is empty points that this might not be the case).

at least netscape only sends a referer if i used a link. when i enter an url, e.g. www.google.de after downloading a file, google doesn't know which site i visited before.

what about the easiest questions:
- did you use ssl or do you trust all the providers between your friend and your server?
- do you trust your friend?
- do you trust the knowledge of your friend, e.g. that he has no trojan on his client?
- do you trust all the software your friend installed? google toolbar, internet explorer itself,

Regards,
Ralf

Re: ot? apache directory listing mysteries
Hi.

Javier Fernández-Sanguino Peña wrote:
> > Did you take a look at the Referer of those access? It might help you to track it down...
>
> That just might be how they get them in the first place. If your buddy downloaded the file and then contacted google.com there are chances that his browser sent the previous URL visited [0]. If it was added in google's database maybe somebody found this after a web search (although the fact that the referer is empty points that this might not be the case).

Now there was one access with a referrer pointing to some kind of database containing links to movie downloads (yes, the large file I mentioned was a trailer). Along with the link there was the info that the link came from an irc channel in irc (quakenet). So the mystery is partly resolved (regarding the fact where all those people came from). What still remains is the question how the first person found the file there...

> [0] is this a FUD? I believe google uses this as part of his spidering process, I'm also not sure if the browser would provide this information, though.

It would provide this information in the referrer, this is how I found the link database. :)

Bye, Mike

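
Added example, not part of any post in this thread: one way to run the Referer check discussed above over an Apache access log, listing every request for one file in time order and counting which referers were sent. It assumes the "combined" LogFormat; the path, addresses, hostnames and log lines are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Apache "combined" LogFormat: host ident user [time] "request" status bytes "referer" "agent"
COMBINED = re.compile(
    r'(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

# Constructed sample lines (documentation addresses and hostnames, not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [16/Sep/2002:20:01:12 +0200] "GET /files/trailer.mpg HTTP/1.0" 200 52428800 "-" "Mozilla/4.0"
198.51.100.7 - - [17/Sep/2002:09:14:03 +0200] "GET /files/trailer.mpg HTTP/1.0" 200 52428800 "-" "Mozilla/4.0"
203.0.113.5 - - [17/Sep/2002:09:20:45 +0200] "GET /index.html HTTP/1.0" 200 1043 "-" "Mozilla/4.0"
203.0.113.9 - - [17/Sep/2002:11:02:30 +0200] "GET /files/trailer.mpg HTTP/1.1" 200 52428800 "http://links.example/movies?id=42" "Mozilla/4.0"
not a log line
"""

def hits_for(log_text, path):
    """Return parsed requests for `path`, oldest first; unparseable lines are skipped."""
    hits = []
    for line in log_text.splitlines():
        m = COMBINED.match(line)
        if m and m.group("path").split("?", 1)[0] == path:
            when = datetime.strptime(m.group("time"), "%d/%b/%Y:%H:%M:%S %z")
            hits.append((when, m.group("host"), m.group("referer")))
    return sorted(hits)

def referer_summary(hits):
    """Count referers; '-' or an empty string means the client sent no Referer header."""
    return Counter("(none)" if r in ("", "-") else r for _, _, r in hits)

def first_outside(hits, known_hosts):
    """Earliest request from a host that was not given the link, or None."""
    return next((h for h in hits if h[1] not in known_hosts), None)

if __name__ == "__main__":
    hits = hits_for(SAMPLE_LOG, "/files/trailer.mpg")
    print(referer_summary(hits))
    print(first_outside(hits, {"192.0.2.10"}))
```

The earliest request from an unknown host is the one worth correlating with other evidence; later requests that carry a Referer only show how the link spread afterwards.
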
Re: ot? apache directory listing mysteries
Hi.

Ralf Dreibrodt wrote:
> at least netscape only sends a referer if i used a link.

Right, that was one aspect that I forgot.

> what about the easiest questions:
> - did you use ssl or do you trust all the providers between your friend and your server?

No SSL, but I don't trust any provider in between. In fact most of the accesses came from the same provider that was used by the friend, which is no magic because it is one of the largest providers here in germany (I guess you have heard of T-Online before, right? :)).

> - do you trust your friend?

Yes.

> - do you trust the knowledge of your friend, e.g. that he has no trojan on his client?

This was the first idea that came to my mind. He is still checking that part.

> - do you trust all the software your friend installed? google toolbar, internet explorer itself,

I'm not sure what software he has installed, but that would be another thing to have a look at. Thanks for the tip.

Bye, Mike

Re: ot? apache directory listing mysteries
On Tue, Sep 17, 2002 at 11:24:31PM +0200, Michael Renzmann wrote:
> I'm wondering if there is a way to get a directory listing from apache if there is an index.html available in that directory.

Yes, if your apache isn't up-to-date.

http://www.google.com/search?q=apache%20directory%20listing%20bug

Andrew

Re: ot? apache directory listing mysteries
Michael Renzmann wrote:
> I'm wondering if there is a way to get a directory listing from apache if there is an index.html available in that directory.
>
> The story behind that question: I put a large file on the webserver that was intended for download for a friend. The only one I told about this file was this friend, and he said he didn't tell anyone about it. Nevertheless since yesterday there have been some requests for this file from various places in the world, not only germany, but also sweden and switzerland, even one aol user accessed the file.
> [...]

Are you using the VirtualHost capability on this server? If so, you should be aware of using some _default_:* entry to catch all access not using (or using a bad) hostname for VirtualHost. If someone access to your server using an undefined VirtualHost, it will arrive on the default configuration of your web server. And if this default configuration doesn't have an Indexes directive, it will be able to list every directories files...!

> But I'm curious how they found out about it... any ideas?

Did you take a look at the Referer of those access? It might help you to track it down...

J.C.

Re: ot? apache directory listing mysteries
Hi.

Jean Christophe ANDRÉ wrote:
> Are you using the VirtualHost capability on this server?

Yes.

> If so, you should be aware of using some _default_:* entry to catch all access not using (or using a bad) hostname for VirtualHost.

I just tried to forge a http request targeting at a non-specified domain name that resolved to the correct ip. The result was that the root directory's index.html was shown. So I think this is not the problem.

> > But I'm curious how they found out about it... any ideas?
>
> Did you take a look at the Referer of those access? It might help you to track it down...

Had this idea, yes. But they all have no referrer when accessing this file.

Bye, Mike

Re: ot? apache directory listing mysteries
Hi.

Andrew Pimlott wrote:
> Yes, if your apache isn't up-to-date.
>
> http://www.google.com/search?q=apache%20directory%20listing%20bug

Is apache 1.3.26-0woody1 vulnerable to that? As far as I could see the answer should be no, right?

Bye, Mike