Security Incidents mailing list archives

Re: foreign HTTP requests

From: ddoc () MIA CZ (Daniel Dočekal)
Date: Tue, 20 Jun 2000 14:35:34 +0200

Which makes a client error less likely. It may mean it is a
problem with
proxies, load balancers, some DNS, or your routers. The latter would
imply that the address on at least one side is local to you, which is
reasonably easy to verify. DNS errors might be harder to check - but
lookups on the local DNS of the affected clients ought to give a
misdirection to your site at least in some instances, if you do them
reasonably close to the event. To eliminate proxies (or to
put a name to
the responsible software), you could log the proxy via's. If it should
be a transparent proxy or load distributor, that won't help though.


Yes, it can be anything. But NO routers - requests are made for webs located
on really "opposite" end of all cabling in our funny country. It could be
matter of proxies/load balancers/transparent proxies, i am less sure about
DNS.

Problem is that there is no way how to find it out which i can think of.

Daniel

Current thread:

Re: foreign HTTP requests Daniel Dočekal (Jun 15)
- Re: foreign HTTP requests Nicolas GREGOIRE (Jun 16)
- <Possible follow-ups>
- Re: foreign HTTP requests Daniel Docekal (Jun 16)
  - Re: foreign HTTP requests Nicolas GREGOIRE (Jun 20)
  - Re: foreign HTTP requests Sevo Stille (Jun 20)
- Re: foreign HTTP requests Daniel Dočekal (Jun 20)
- Re: foreign HTTP requests Bjorn Djupvik (Jun 20)
  - Re: foreign HTTP requests Nicolas GREGOIRE (Jun 22)
    - Re: foreign HTTP requests Vladimir Ivaschenko (Jun 22)
    - Re: foreign HTTP requests Bjorn Djupvik (Jun 23)
  - 8.2.2-P5 stops answering queries? Daniel Ramirez (Jun 22)
    - Re: 8.2.2-P5 stops answering queries? Kovacs Andrei (Jun 23)
    - Re: 8.2.2-P5 stops answering queries? jose (Jun 23)