Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Unusual entry in Apache logs

From: "Jonathan Adams" <keirre.adams () gmail com>
Date: Thu, 29 May 2008 19:50:27 -0400
Also found this

http://lists.sans.org/pipermail/list/2003-March/007209.html

and this

http://www.derkeiler.com/Newsgroups/comp.os.linux.security/2003-04/0281.html

which led to this

http://www.kb.cert.org/vuls/id/150227



On Thu, May 29, 2008 at 7:45 PM, Jonathan Adams <keirre.adams () gmail com> wrote:

Neil,

 take a look at this:

http://www.honeynet.org/scans/scan31/sol/

On Thu, May 29, 2008 at 5:54 PM, Neil Dickey <neil () geol niu edu> wrote:


I have of late seen a few entries such as this ...

125.224.192.192 - - [29/May/2008:09:15:34 -0500] "\x05\x01" 501 3100 "-" "-"

... in my Apache webserver logs.  They are the only entry in
the log for the particular source IP; that is, they don't
represent an anomaly in an otherwise normal session.  Such
entries record the only contact made by the source IP.

GOOGLE hasn't told me anything interesting; does anyone know
what this is?

Many thanks for any ideas.

Best regards,

Neil Dickey, Ph.D.
email: neil () geol niu edu
Research Associate/Sysop
Geology Department
Northern Illinois University
DeKalb, Illinois, U.S.A.
60115





--
___________________________
Jon Adams

web: http://www.scis.nova.edu/~jonaadam
mail: keirre.adams () gmail com
---------------------------------------------

"Strength does not come from physical capacity. It comes from an
indomitable will." -
Mohandas Gandhi





-- 
___________________________
Jon Adams

web: http://www.scis.nova.edu/~jonaadam
mail: keirre.adams () gmail com
---------------------------------------------

"Strength does not come from physical capacity. It comes from an
indomitable will." -
Mohandas Gandhi
Previous By Date Next
Previous By Thread Next

Current thread: