Re: [suse-security] HTTP Strange LOG

On Thu, 10 Jul 2003 cydonia@cbn.net.id wrote:

Dear List,

I have this strange logs in my APache Web server,

202.159.151.106 - - [10/Jul/2003:14:53:15 +0700] "GET /default.ida?XXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u909 0%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00% u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 404 271 "-" "-"

Is My WEb server attacked ? If it is, How should i configure my Apache?

Best Regards, Kheli

In answer to "How should I configure my Apache," http://www.onlamp.com/pub/a/apache/2001/08/16/code_red.html -- Registered Linux user #304026. "lynx -source http://www.rallycentral.us/~linux/jharris.asc | gpg --import" or "gpg --keyserver pgp.mit.edu --recv-key BD23A31E" Key fingerprint = FB8C 3210 8DE1 78F4 6505 5918 0C34 BE94 BD23 A31E