Re: what is this?

Sat, 24 Mar 2001 01:17:48 -0800 

I would concur - probably a script kid trying out any Web Servers to see if 
they are running mod_proxy, to use as an anonymous proxy, or bounce point - I 
would recommend checking the IP Address, against your firewall logs, and see 
if there was any other suspicious traffic around the same time. - If there 
is, I would notify the Security branch of your company, or your upstream 
provider.

On Thursday 22 March 2001 09:03, you wrote:
>   Most likely, somebody is trying to see if they can use your Apache server
> as a web proxy.  Based on the status code and file size returned, I would
> guess that your server is not running the proxy module and the default
> virtual host responded instead.
>
> --- Deocs Postmaster <[EMAIL PROTECTED]> wrote:
> > Users,
> >
> > I found this in my access log this morning.  The server is
> >
> >  > Apache-1.3.19+mod_ssl-2.8.1 with mod_dav under Win2K
> >
> > and hosts both HTTP and HTTPS.
> >
> > 63.251.5.48 - - [22/Mar/2001:05:40:58 -0500] "GET
> > http://www.yahoo.com/index.html HTTP/1.1" 200 1048
> >
> > Has anyone else seen this, or know what it means?
> >
> > Thanks,
> > Dave
> >
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> > User Support Mailing List                      [EMAIL PROTECTED]
> > Automated List Manager                            [EMAIL PROTECTED]
>
> __________________________________________________
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail.
> http://personal.mail.yahoo.com/
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> User Support Mailing List                      [EMAIL PROTECTED]
> Automated List Manager                            [EMAIL PROTECTED]

-- 

Patrick Patterson                       Tel: +1 514 485-0789
President, Chief Security Architect     Fax: +1 514 485-4737
Carillon Information Security Inc.      E-Mail: [EMAIL PROTECTED]

----------------- The New Sound of Network Security -----------------
                  <<  http://www.carillonis.com  >>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to