Somebody scribbled about Re: [expert] [EMAIL PROTECTED]: hijack
cont.]
>Now, how do you tell the user? - that is, how do you find out who it is?
That's an interesting question. whois IP used to be the way to do this but
with spammers, it's anyone's guess. A) the IP could be forged or could be
a
On Tue, 2003-11-11 at 15:25, Phil G. wrote:
> On Tue, 11 Nov 2003 08:56:21 -0500, Pierre Fortin <[EMAIL PROTECTED]> wrote:
>
> > On Mon, 10 Nov 2003 21:09:44 -0800 Todd Lyons <[EMAIL PROTECTED]>
> > forwarded:
> >
> >> reviewing the logs, I have seen a large number of GETs in
> >> /var/log/httpd
On Tue, 11 Nov 2003 08:56:21 -0500, Pierre Fortin <[EMAIL PROTECTED]> wrote:
On Mon, 10 Nov 2003 21:09:44 -0800 Todd Lyons <[EMAIL PROTECTED]>
forwarded:
reviewing the logs, I have seen a large number of GETs in
/var/log/httpd/*.log with very long pathnames and/or
requests to xxx.x
On Mon, 10 Nov 2003 21:09:44 -0800 Todd Lyons <[EMAIL PROTECTED]> forwarded:
> reviewing the logs, I have seen a large number of GETs
> in /var/log/httpd/*.log with very long
> pathnames and/or requests to xxx.xxx.xxx:25. I think that
> is how they got in.
Not "in"; but "thr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Update of what is happening to David, forwarded to the list as per his
request.
David, I'd like to see those requests from your logs.
Blue skies... Todd
- - Forwarded message from "David E. Fox" -
Date: Mon, 10 Nov 2003 20