On Thu, 15 Nov 2001 11:13:12 +0100
"Michael Appeldorn"
This is what I have in my logs I just put the this guy with his /27 ipblock to return-rst chain but I want to make sure I have no vulnarabilities. The guy/girl also did a port scan with a lot of
SuSE7.1 running Apache 1.3.19 with all uptodate with regards to SuSE security announcements.
Is there a need to check anything else because I was planning to get mod_perl installed with cgi-bin enabled (now I need to think again)
212.174.224.28 - - [15/Nov/2001:10:59:38 +0200] "HEAD /cgi-bin/ad.cgi HTTP/1.0" 404 0 212.174.224.28 - - [15/Nov/2001:10:59:38 +0200] "HEAD /cgi-bin/aglimpse HTTP/1.0" 404 0
Seems to be nice scan output like produced by rain forest puppys cgi vuln scanner.
To secure your webserver think about
linux virtual server projekt : ask google chroot jail for web server : ask http://www.suse.com/~marc/SuSE.html
Yup, looks like a whisker scan to me... -- Viel Spaß Nix - nix@susesecurity.com http://www.susesecurity.com