Sean Conner wrote:
[2] Actually, I do know of some, but they're the software programs that
are currently trying to break in through an insecure webserver or
CGI scripts. You can check your web logfiles and see plenty of
those happening. If any of those requests are 200, then there's a
hole.
As often as not, those 200 often mean the server managed to respond with some
sane answer, while those that ARE NEVER LOGGED manged to segfault the server
during their processing. A new httpd module, mod_log_forensic, is ment to
catch exactly this behavior, it logs a request -before it's processed- and then
at the end writes a corresponding completed entry.
Take the started entries, modulo all completed requests, and you find out any
requests which occured and never finished.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
