Security Incidents mailing list archives
Re: Which webserver exploit is this?
From: Fredrik Ostergren <fredrik.ostergren () FREEBOX COM>
Date: Wed, 26 Jul 2000 12:34:59 -0000
I got the same thing the other day. his.ip.net - - [16/Jul/2000:20:21:10 -0500] "http://%a:% p/,HEAD /" 501 - But mine had a different error code (501) Anyone have a suggestion? -Matthew On Sat, 22 Jul 2000, Jaap wrote: <FONT COLOR="#222255">> Hi,</FONT> <FONT COLOR="#222255">></FONT> <FONT COLOR="#222255">> I'm running a some Linux/apache webservers, and all of them have this</FONT> <FONT COLOR="#222255">> somewhere in the logs. Now I don't mind ppl. trying things,</FONT> <FONT COLOR="#222255">> but I would like to know what their trying.</FONT> <FONT COLOR="#222255">></FONT> <FONT COLOR="#222255">> Any ideas?</FONT> <FONT COLOR="#222255">></FONT> <FONT COLOR="#222255">> his.ip.net - - [21/May/2000:20:02:14 +0200] "http://%a:%p/,HEAD /" 403 - </FONT> <FONT COLOR="#222255">></FONT> <FONT COLOR="#222255">> Grtz,</FONT> <FONT COLOR="#222255">></FONT> <FONT COLOR="#222255">> Jaap</FONT> <FONT COLOR="#222255">></FONT> Hi! I'm not really "into" Windows/NT security but are you sure someone is trying to exploit the webserver?. Maybe there's a weird browser in the game or a portscan/OS detection tool?. Cheers! / Fredrik.
Current thread:
- Which webserver exploit is this? Jaap (Jul 22)
- <Possible follow-ups>
- Re: Which webserver exploit is this? The Incubus (Jul 24)
- Re: Which webserver exploit is this? Michael Cook (Jul 24)
- Re: Which webserver exploit is this? Richard Bartlett (Jul 24)
- Re: Which webserver exploit is this? bruj0 Gandalf (Jul 25)
- Which webserver exploit is this? CLEARY Tom <Con> (Jul 25)
- Re: Which webserver exploit is this? Fredrik Ostergren (Jul 26)