Jeff: I am new to Open-SSL and Mod-SSL, infact I'm so new I haven't even attempted to install them yet because I'm still reading over everything..
I've been watching these lists for a while and have gotten alot of good tips from them. I assure you, if "anybody" knows a answer to your problem, you'll get a responce.. ----- Original Message ----- From: "Jeff Bert" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 03, 2002 1:51 PM Subject: Re: new errors in log files > Would someone please respond to this question? > > Jeff > > > > Hi, i'm new to this list and I upgraded to mod-ssl/2.8.10 and > OpenSSL/0.9.6g > > a couple of weeks ago and i've just started seeing a bunch of new errors > in > > my logs this last week. I have no clue whether they are hack attempts or > > errors in my setup: > > > > ssl-error_log: > > [Wed Oct 2 00:43:47 2002] [error] mod_ssl: SSL handshake failed (server > > www.mycom.com:443, client 202.125.137.145) (OpenSSL library error follows) > > [Wed Oct 2 00:43:47 2002] [error] OpenSSL: error:1406B458:SSL > > routines:GET_CLIENT_MASTER_KEY:key arg too long > > > > ssl-engine_log: > > [02/Oct/2002 00:43:07 02011] [info] Connection to child 2 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:07 02011] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:08 02010] [info] Connection to child 1 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:08 02010] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:09 02025] [info] Connection to child 7 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:09 02025] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:10 02022] [info] Connection to child 5 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:10 02022] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:16 02024] [info] Connection to child 6 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:16 02024] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:19 02028] [info] Connection to child 9 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:19 02028] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:20 02027] [info] Connection to child 8 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:20 02027] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:21 02013] [info] Connection to child 4 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:21 02013] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:21 02012] [info] Connection to child 3 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:21 02012] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:22 02009] [info] Connection to child 0 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:22 02009] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:22 16722] [info] Connection to child 10 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:22 16722] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:23 16723] [info] Connection to child 11 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:23 16723] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:24 16724] [info] Connection to child 12 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:24 16724] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:25 16725] [info] Connection to child 13 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:25 16725] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:26 16726] [info] Connection to child 14 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:26 16726] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:27 16727] [info] Connection to child 15 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:27 16727] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:28 16728] [info] Connection to child 16 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:28 16728] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:29 16729] [info] Connection to child 17 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:29 16729] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:38 16731] [info] Connection to child 19 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:38 16731] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:39 16732] [info] Connection to child 20 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:39 16732] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:40 16733] [info] Connection to child 21 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:40 16733] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:45 16734] [info] Connection to child 22 established > > (server www.mycom.com:443, client 202.125.137.145) > > [02/Oct/2002 00:43:45 16734] [info] Seeding PRNG with 1160 bytes of > entropy > > [02/Oct/2002 00:43:47 16733] [error] SSL handshake failed (server > > www.mycom.com:443, client 202.125.137.145) (OpenSSL library er > > or follows) > > [02/Oct/2002 00:43:47 16733] [error] OpenSSL: error:1406B458:SSL > > routines:GET_CLIENT_MASTER_KEY:key arg too long > > [02/Oct/2002 00:43:52 02022] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 02028] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 02013] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 02012] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 02009] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16722] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16723] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16724] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16725] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16726] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16727] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16728] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16729] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16731] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:52 16732] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:53 02027] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:53 02011] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:53 02010] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:53 02025] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:43:53 16734] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > [02/Oct/2002 00:45:16 02024] [info] Spurious SSL handshake > interrupt[Hint: > > Usually just one of those OpenSSL confusions!?] > > > > www-access_log: > > 202.125.137.145 - - [02/Oct/2002:00:43:04 -0700] "GET / HTTP/1.1" 400 307 > > > > www-error_log: > > [Wed Oct 2 00:43:04 2002] [error] [client 202.125.137.145] client sent > > HTTP/1.1 request without hostname (see RFC2616 section 14.23): / > > > > so should I be: > > > > concerned? > > happy that I upgraded? > > or oblivious to this? > > > > and are these hack attempts? > > > > Thanks, > > > > Jeff > > > > ______________________________________________________________________ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
