Hello Marc,
- What does it mean ? your Web-Server Logfile seems like a try to test different known exploits by using CGI-Scripts on the victim's server.
- Is it dangerous for the machine ? Normally this is a nice try and there are no risks until you have installed one of there Scripts...
- Can I further secure my machine ? It also looks like that there was no way into your system by using this possible exploit in this way. You can secure it by denying any CGI / PHP Scripts (See /etc/httpd/httpd.conf).
PS: I do NOT need the machine beeing accessible by external machines in HTTP If you don't need your HTTP... just switch it off by editing /etc/rc.config "start_httpd=no" or stop it by typeing /sbin/init.d/apache stop
Greetinx, Oliver Grube --------------------------------------------- --IT-Secure - Mit Sicherheit gute Lösungen.-- --------------------------------------------- Security Support * oliver.grube@it-secure.de +49 2161 6897-180 * http://www.it-secure.de