On May 31, 2004, at 12:45 PM, Bob Martin wrote:
The real irony is that it doesn't bother Apache running on NT :)
In all fairness, somewhere along the line there was a patch for this.
All my Apache servers do is put "request failed: URI too long" in the
error log. Even without the fix it really
The real irony is that it doesn't bother Apache running on NT :)
In all fairness, somewhere along the line there was a patch for this.
All my Apache servers do is put "request failed: URI too long" in the
error log. Even without the fix it really wasn't anything more than a
nuisance. Killing
- Original Message -
From: "Vinny Abello" <[EMAIL PROTECTED]>
To: "Mike Nice" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, May 31, 2004 11:31 AM
Subject: Re: What HTTP exploit?
-- snip --
> I thought if it can be crashed by
>
Vinny Abello wrote:
At 11:07 AM 5/31/2004, Mike Nice wrote:
>It seems to be another stupid Microsoft Exploit that just
>causes annoyance for Unix Boxes.
>The only side effect is they fill my dmesg logs with
>signal 11's from apache crashing.
Am I the only one that sees the irony that Apache seg
At 11:07 AM 5/31/2004, Mike Nice wrote:
>It seems to be another stupid Microsoft Exploit that just
>causes annoyance for Unix Boxes.
>The only side effect is they fill my dmesg logs with
>signal 11's from apache crashing.
Am I the only one that sees the irony that Apache seg faults from an
attac
>It seems to be another stupid Microsoft Exploit that just
>causes annoyance for Unix Boxes.
>The only side effect is they fill my dmesg logs with
>signal 11's from apache crashing.
Am I the only one that sees the irony that Apache seg faults from an
attack aimed at Msoft?!
Richard Welty [30/05/04 19:57 -0400]:
> # control logging
> SetEnvIf Request_URI "^/default.ida?" dontlog
> SetEnvIf Request_Method "SEARCH" dontlog
Nathan Torkington's vermicide helps - (needs mod_perl)
srs
# this goes into your httpd.conf file
#
# the push_handlers line below prevent
On Sun, 30 May 2004 15:43:58 -0500 "John Palmer (NANOG Acct)" <[EMAIL PROTECTED]>
wrote:
> Can anyone identify this http exploit? Seen in the apache logs:
> foo.bar.com
> - - [30/May/2004:02:45:28 -0400] "SEARCH
> /\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\
> x02\
It seems to be another stupid Microsoft Exploit that just causes annoyance
for Unix Boxes. The ones on my boxes seem to be about 32K in size and have
been occurring for the past 2 months or more. The only side effect is they
fill my dmesg logs with signal 11's from apache crashing.
pid 74210 (htt
| Behalf Of John Palmer (NANOG Acct)
| Sent: May 30, 2004 4:44 PM
|
| Can anyone identify this http exploit? Seen in the apache logs:
|
| foo.bar.com
| - - [30/May/2004:02:45:28 -0400] "SEARCH
| /\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\
| x02\xb1\x02\xb1\x02\xb1\x0
10 matches
Mail list logo
