Security Incidents mailing list archives

Re: GET x HTTP/1.0

From: <jlewis () lewis org>
Date: Tue, 24 Jul 2001 00:40:04 -0400 (EDT)

On Mon, 23 Jul 2001, Greg Owen wrote:


    Two of these showed up in my web server logs today:

202.100.68.22 - - [23/Jul/2001:11:58:37 -0400] "GET x HTTP/1.0" 400 328
202.99.64.113 - - [23/Jul/2001:17:23:44 -0400] "GET x HTTP/1.0" 400 328


Doesn't look like much.  Perhaps something as silly as a probe to check
your httpd version info, but they didn't realize they could just do HEAD /
HTTP/1.0.

-- 
----------------------------------------------------------------------
 Jon Lewis *jlewis () lewis org*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

GET x HTTP/1.0 Greg Owen (Jul 23)
- Re: GET x HTTP/1.0 Phil Sorber (Jul 24)
- Re: GET x HTTP/1.0 jlewis (Jul 24)
- Re: GET x HTTP/1.0 John (Jul 24)
  - Re: GET x HTTP/1.0 Seth Milder (Jul 24)
- Re: GET x HTTP/1.0 Ross Oldbury (Jul 24)
- Re: GET x HTTP/1.0 dr john halewood (Jul 24)
- Re: GET x HTTP/1.0 Patryk Chmielewski (Jul 24)
- <Possible follow-ups>
- RE: GET x HTTP/1.0 Portnoy, Gary (Jul 24)