----- Original Message -----
From: "Deocs Postmaster" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 22, 2001 12:16 PM
Subject: what is this?
> Users,
>
> I found this in my access log this morning. The server is
> > Apache-1.3.19+mod_ssl-2.8.1 with mod_dav under Win2K
> and hosts both HTTP and HTTPS.
>
> 63.251.5.48 - - [22/Mar/2001:05:40:58 -0500] "GET
> http://www.yahoo.com/index.html HTTP/1.1" 200 1048
>
> Has anyone else seen this, or know what it means?
>
> Thanks,
> Dave
>
>
Hi,
What has happened is that someone has telneted into your web server and
issued a get command. AFAIK no great mischief can be done by this. I believe
that I'm correct in saying that this is a feature of apache.
Try it for yourself.
I have a test server called testweb, if I do the following 'telnet testweb
80' then 'get hellojonwashere' and then look in my logs, I'll find that 'get
hellojonwashere' is present in my logs.
It can be used to kid some people into believing that you have cracked into
their server - our sys admin beileved it for about 2 days until he contacted
apache.
HTH
Jon Lawrence
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
