Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] HTTP Strange LOG
  • From: Jeff Harris <linux@xxxxxxxxxxxxxxx>
  • Date: Mon, 14 Jul 2003 11:41:22 -0700 (PDT)
  • Message-id: <Pine.LNX.4.44.0307141140521.2204-100000@xxxxxxxxxxxxxxxxxxx>
On Thu, 10 Jul 2003 cydonia@xxxxxxxxxx wrote:

> Dear List,
>
> I have this strange logs in my APache Web server,
>
> 202.159.151.106 - - [10/Jul/2003:14:53:15 +0700] "GET /default.ida?XXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u909
> 0%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%
> u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 271 "-" "-"
>
> Is My WEb server attacked ? If it is, How should i configure my Apache?
>
> Best Regards,
> Kheli

In answer to "How should I configure my Apache,"
http://www.onlamp.com/pub/a/apache/2001/08/16/code_red.html

--
Registered Linux user #304026.
"lynx -source http://www.rallycentral.us/~linux/jharris.asc | gpg --import"
or "gpg --keyserver pgp.mit.edu --recv-key BD23A31E"
Key fingerprint = FB8C 3210 8DE1 78F4 6505 5918 0C34 BE94 BD23 A31E



< Previous Next >
This Thread
References