[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: curious apache log entry
well, it was definitely messed up. i replicated the request by just
telnetting to port 80 on the server and issueing a get for the full
path...
telnet 10.6.21.10 80
GET http://http://members.shaw.ca/mypunkpage/ / HTTP/1.1
at the very least, i was able to see what they were getting in response.
their isp ended up being very cooperative in tracking down what was going
on and putting a stop to it.
On Fri, 8 Feb 2002, Danny Sauer wrote:
> Couldn't they do that with just a messed-up (either intentionally or
> accidentally) host/dns entry? I'm pretty sure they could...
>
> --Danny
>
> On Fri, Feb 01, 2002 at 11:41:16AM -0600, charles@lunarmedia.net wrote:
> > 24.64.50.122 www.domain.com - [31/Jan/2002:20:34:18 -0600] "GET
> > http://members.shaw.ca/mypunkpage/images/whatwouldtop.jpg H
> > TTP/1.1" 302 227 "http://members.shaw.ca/mypunkpage/content.htm"
> > "Mozilla/4.0 (compatible; MSIE 4.01; Windows NT)"
> >
> > i'm getting this entry in my log files that seems really peculiar. the get
> > request is for an offnet website with a referral coming from said website.
> > i'm not exactly certain _how_ its being done here, but it certainly seems
> > malicious. at very least filling my logs.
> >
> > can someone explain why this request is being processed by apache? the
> > status 302 make me believe that this is being passed.
>
> -
> To unsubscribe, send email to majordomo@luci.org with
> "unsubscribe luci-discuss" in the body.
>
-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.