Security Incidents mailing list archives
Re: Strange CONNECT entries in apache logs
From: Christine Kronberg <Christine_Kronberg () genua de>
Date: Thu, 12 Jun 2003 11:15:03 +0200 (CEST)
On Tue, 10 Jun 2003, OSCAR wrote:
If 200 is a successful connection, do these lines mean i am in trouble?...
Probably not. Let me guess: Your straing page has a size of 2347 bytes? Did you try by hand to see the results?
21.10.41.230 0 - - [07/Jun/2003:09:32:16 -0500] "GET /index.php?page=../../../../../../../../../../../../../../../etc/passwd HTTP/1.1" 200 38508
38508 bytes transferred? What does your server send?
Cheers,
Chris Kronberg.
--
GeNUA mbH
----------------------------------------------------------------------------
----------------------------------------------------------------------------
Current thread:
- Strange CONNECT entries in apache logs Rajkumar S (Jun 09)
- Re: Strange CONNECT entries in apache logs Tomasz Onyszko (Jun 09)
- Re: Strange CONNECT entries in apache logs Paul Wilson (Jun 10)
- Re: Strange CONNECT entries in apache logs Christine Kronberg (Jun 10)
- Re: Strange CONNECT entries in apache logs OSCAR (Jun 11)
- Re: Strange CONNECT entries in apache logs Christine Kronberg (Jun 12)
- Re: Strange CONNECT entries in apache logs OSCAR (Jun 12)
- Re: Strange CONNECT entries in apache logs OSCAR (Jun 11)
- Re: Strange CONNECT entries in apache logs Darryl Luff (Jun 11)
- Re: Strange CONNECT entries in apache logs Thomas Jensen (Jun 11)
- Re: Strange CONNECT entries in apache logs Christine Kronberg (Jun 12)
- Re: Strange CONNECT entries in apache logs Thomas Jensen (Jun 12)
- Re: Strange CONNECT entries in apache logs Christine Kronberg (Jun 12)
- <Possible follow-ups>
- Re: Strange CONNECT entries in apache logs OSCAR (Jun 12)
- Re: Strange CONNECT entries in apache logs OSCAR (Jun 12)
- Re: Strange CONNECT entries in apache logs Thomas Jensen (Jun 13)