Would someone please respond to this question? Jeff
> Hi, i'm new to this list and I upgraded to mod-ssl/2.8.10 and OpenSSL/0.9.6g > a couple of weeks ago and i've just started seeing a bunch of new errors in > my logs this last week. I have no clue whether they are hack attempts or > errors in my setup: > > ssl-error_log: > [Wed Oct 2 00:43:47 2002] [error] mod_ssl: SSL handshake failed (server > www.mycom.com:443, client 202.125.137.145) (OpenSSL library error follows) > [Wed Oct 2 00:43:47 2002] [error] OpenSSL: error:1406B458:SSL > routines:GET_CLIENT_MASTER_KEY:key arg too long > > ssl-engine_log: > [02/Oct/2002 00:43:07 02011] [info] Connection to child 2 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:07 02011] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:08 02010] [info] Connection to child 1 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:08 02010] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:09 02025] [info] Connection to child 7 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:09 02025] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:10 02022] [info] Connection to child 5 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:10 02022] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:16 02024] [info] Connection to child 6 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:16 02024] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:19 02028] [info] Connection to child 9 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:19 02028] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:20 02027] [info] Connection to child 8 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:20 02027] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:21 02013] [info] Connection to child 4 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:21 02013] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:21 02012] [info] Connection to child 3 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:21 02012] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:22 02009] [info] Connection to child 0 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:22 02009] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:22 16722] [info] Connection to child 10 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:22 16722] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:23 16723] [info] Connection to child 11 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:23 16723] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:24 16724] [info] Connection to child 12 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:24 16724] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:25 16725] [info] Connection to child 13 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:25 16725] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:26 16726] [info] Connection to child 14 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:26 16726] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:27 16727] [info] Connection to child 15 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:27 16727] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:28 16728] [info] Connection to child 16 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:28 16728] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:29 16729] [info] Connection to child 17 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:29 16729] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:38 16731] [info] Connection to child 19 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:38 16731] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:39 16732] [info] Connection to child 20 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:39 16732] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:40 16733] [info] Connection to child 21 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:40 16733] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:45 16734] [info] Connection to child 22 established > (server www.mycom.com:443, client 202.125.137.145) > [02/Oct/2002 00:43:45 16734] [info] Seeding PRNG with 1160 bytes of entropy > [02/Oct/2002 00:43:47 16733] [error] SSL handshake failed (server > www.mycom.com:443, client 202.125.137.145) (OpenSSL library er > or follows) > [02/Oct/2002 00:43:47 16733] [error] OpenSSL: error:1406B458:SSL > routines:GET_CLIENT_MASTER_KEY:key arg too long > [02/Oct/2002 00:43:52 02022] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 02028] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 02013] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 02012] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 02009] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16722] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16723] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16724] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16725] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16726] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16727] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16728] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16729] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16731] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:52 16732] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:53 02027] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:53 02011] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:53 02010] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:53 02025] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:43:53 16734] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > [02/Oct/2002 00:45:16 02024] [info] Spurious SSL handshake interrupt[Hint: > Usually just one of those OpenSSL confusions!?] > > www-access_log: > 202.125.137.145 - - [02/Oct/2002:00:43:04 -0700] "GET / HTTP/1.1" 400 307 > > www-error_log: > [Wed Oct 2 00:43:04 2002] [error] [client 202.125.137.145] client sent > HTTP/1.1 request without hostname (see RFC2616 section 14.23): / > > so should I be: > > concerned? > happy that I upgraded? > or oblivious to this? > > and are these hack attempts? > > Thanks, > > Jeff > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
