Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: apache problem

From: SZALAY Attila <sasa () pheniscidae tvnetwork hu>
Date: Tue, 15 Oct 2002 08:07:10 +0200
Hi All!

On 2002 Oct 12, Andre Guimaraes wrote:


[Sat Oct 12 20:21:09 2002] [error] [client 207.99.78.36] request failed:
erroneous characters after protocol string: CONNECT maila.microsoft.com:25 /
HTTP/1.0


Somebody try to send spam with your webserver.
After number of mail relays is dropped down and and that mail relays are in
orbs too, the spammers try another way to send messages. One of them is the
badly configured webservers/firewalls, that accept CONNECT without further
inspection.
Another way is across ftp servers, with bounce attack and open incoming
directory.

I think that he/she try it too hard, :)) and because of this your webserver
et full of memory.

-- 
PGP ID 0x8D143771, /C5 95 43 F8 6F 19 E8 29  53 5E 96 61 05 63 42 D0
GPG ID   ABA0E8B2, 45CF B559 8281 8091 8469  CACD DB71 AEFC ABA0 E8B2

A feladatot nem arra kell bízni aki vállalja, hanem arra, aki ért hozzá.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: