Do you have mod_dav enabled/installed? I'd personally be concerned - I would assume that's somebody's frontpage client that they pointed to your webserver as the datastore ... DAV is not NT/IIS specific - it's an HTTP related extension for versioning a website. If DAV is installed (perhaps by default) you may have a hole.
You could test with a tool like frontpage, dreamweaver, or tswebeditor at http://tswebeditor.at.tf/ to see if you can DAV the site .. or go through your httpd.conf and find any DAV references... On Mon, 6 Jan 2003, David Cogley wrote: > > An entry from my access_log that has been bothering me!!! > > > > 134.22.68.226 - - [02/Jan/2003:07:02:42 -0500] "OPTIONS / HTTP/1.1" 200 - > > "-" "Microsoft-WebDAV-MiniRedir/5.1.2600" > > Hello! > > 1) Is there a better place to post my Apache questions? > > 2) I'm told not to worry since this was a DoS attack attempt directed > against IIS. Is that true? > > 3) Still, since the STATUS CODE was 200, I'm concerned even though the > subsequent dash seems to indicate that no bytes were returned. Was this > OPTIONS request sent with a browser?? > > 4) Other than reading httpd.conf, how can I find out which OPTIONS are > available on DocumentRoot? Can I issue a command through ssh on my own > server? I think I have the server DocumentRoot locked down with a .htaccess > file, but I just want to be absolutely certain. > > Thanks for your patience. > > David Cogley > > > > --- > Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'. > Mail administrative requests to `[EMAIL PROTECTED]'. > --- Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'. Mail administrative requests to `[EMAIL PROTECTED]'.
