McQuistion
> *Sent:* Friday, May 07, 2010 3:07 PM
>
> *To:* nlug-talk@googlegroups.com
> *Subject:* Re: [nlug] Anyone know what these httpd log messages might
> mean?
>
>
>
> That's a good point about fail2ban. We actually use that on one of our
> other servers. I'
McQuistion
Sent: Friday, May 07, 2010 3:07 PM
To: nlug-talk@googlegroups.com
Subject: Re: [nlug] Anyone know what these httpd log messages might mean?
That's a good point about fail2ban. We actually use that on one of our
other servers. I've asked Curt to look into installing it on this
nt:* Friday, May 07, 2010 1:31 PM
> *To:* nlug-talk
> *Subject:* [nlug] Anyone know what these httpd log messages might mean?
>
>
>
> I been getting the following messages in my Logwatch emails for a few
> weeks, now.
>
>
>
> These started after I took this RHEL 4 ser
Subject: Re: [nlug] Anyone know what these httpd log messages might mean?
> GET
>
/empower/fusebox.cfm?fuseaction=WEBSRQ02Image&id=%27%28%20%3F%5FYHIM%29%40
%20%20%0A
> HTTP/1.1 with response code(s) 200 2 responses
It's an automated hack utilizing a buffer overflow or somethin
> GET
> /empower/fusebox.cfm?fuseaction=WEBSRQ02Image&id=%27%28%20%3F%5FYHIM%29%40%20%20%0A
> HTTP/1.1 with response code(s) 200 2 responses
It's an automated hack utilizing a buffer overflow or something.
Unless you have something installed that responds to WEBSRQ02Image
(probably some sort of p
Response code 200 is a success message as you suggest. not certain why it
is being logged by logwatch, but, you should be in good shape.
On Fri, May 7, 2010 at 1:31 PM, Chris McQuistion wrote:
> I been getting the following messages in my Logwatch emails for a few
> weeks, now.
>
> These started
ect: [nlug] Anyone know what these httpd log messages might mean?
I been getting the following messages in my Logwatch emails for a few
weeks, now.
These started after I took this RHEL 4 server and did a physical to
virtual migration over to VMware. I then upgraded it to CentOS 4, sinc
en pleased with it. I have been considering it myself but just have not
had time yet to really dig on it.
From: nlug-talk@googlegroups.com [mailto:nlug-t...@googlegroups.com] On
Behalf Of Chris McQuistion
Sent: Friday, May 07, 2010 1:31 PM
To: nlug-talk
Subject: [nlug] Anyone know what these
short notice.
From: nlug-talk@googlegroups.com [mailto:nlug-t...@googlegroups.com] On
Behalf Of Chris McQuistion
Sent: Friday, May 07, 2010 1:31 PM
To: nlug-talk
Subject: [nlug] Anyone know what these httpd log messages might mean?
I been getting the following messages in my Logwatch emails
On Fri, May 7, 2010 at 1:31 PM, Chris McQuistion
wrote:
> I been getting the following messages in my Logwatch emails for a few weeks,
> now.
> These started after I took this RHEL 4 server and did a physical to virtual
> migration over to VMware. I then upgraded it to CentOS 4, since the RHEL
>
I been getting the following messages in my Logwatch emails for a few weeks,
now.
These started after I took this RHEL 4 server and did a physical to virtual
migration over to VMware. I then upgraded it to CentOS 4, since the RHEL
subscription ran out.
This server primarily runs as a web server,
11 matches
Mail list logo
