Re: [users@httpd] Possible DOS Attack

2016-05-21 Thread Yehuda Katz
On Fri, May 20, 2016 at 7:09 PM, Kurtis Rader wrote: > On Fri, May 20, 2016 at 4:00 PM, Roman Gelfand > wrote: > >> Also, what does this mean? >> > >> ::1 - - [20/May/2016:18:26:09 -0400] "OPTIONS * HTTP/1.0" 200 - "-" >> "Apache/2.4.6 (Red Hat

Re: [users@httpd] Possible DOS Attack

2016-05-21 Thread Richard
> Date: Saturday, May 21, 2016 09:22:24 -0400 > From: "D'Arcy J.M. Cain" > > On 5/20/16 4:00 PM, Roman Gelfand wrote: >> In the last 2 days we have received roughly 1milion of the >> following requests. Just to confirm, is this a DOS attack? >> >> 191.96.249.52 - -

Re: [users@httpd] Possible DOS Attack

2016-05-21 Thread Michael A. Peters
On 05/21/2016 06:22 AM, D'Arcy J.M. Cain wrote: victim but if the coders of these things were smart they would be making real money with legitimate work. Not always that simple. A lot of smart people have trouble getting hired. As for the break-in attempt, there are enough common passwords

Re: [users@httpd] Possible DOS Attack

2016-05-20 Thread Kurtis Rader
On Fri, May 20, 2016 at 8:54 PM, Kent Frazier wrote: > The abuse email address for 191.96.249.52 is ab...@dmzhost.co > (though most ISPs don't seem to care whether one of their systems has been > hacked or not) > I see that my system was attacked by that address three

Re: [users@httpd] Possible DOS Attack

2016-05-20 Thread Kent Frazier
The abuse email address for 191.96.249.52 is ab...@dmzhost.co (though most ISPs don't seem to care whether one of their systems has been hacked or not) On 5/20/16 4:00 PM, Roman Gelfand wrote: > In the last 2 days we have received roughly 1milion of the following > requests. Just to confirm, is

Re: [users@httpd] Possible DOS Attack

2016-05-20 Thread Richard
> Date: Friday, May 20, 2016 23:36:14 + > From: Richard > >> Date: Friday, May 20, 2016 16:09:58 -0700 >> From: Kurtis Rader >> >> On Fri, May 20, 2016 at 4:00 PM, Roman Gelfand >> wrote: >> >>> In the last 2 days we have received roughly

Re: [users@httpd] Possible DOS Attack

2016-05-20 Thread Richard
> Date: Friday, May 20, 2016 16:09:58 -0700 > From: Kurtis Rader > > On Fri, May 20, 2016 at 4:00 PM, Roman Gelfand > wrote: > >> In the last 2 days we have received roughly 1milion of the >> following requests. Just to confirm, is this a DOS

Re: [users@httpd] Possible DOS Attack

2016-05-20 Thread Kurtis Rader
On Fri, May 20, 2016 at 4:00 PM, Roman Gelfand wrote: > In the last 2 days we have received roughly 1milion of the following > requests. Just to confirm, is this a DOS attack? > > 191.96.249.52 - - [20/May/2016:18:19:22 -0400] "POST /xmlrpc.php HTTP/1.0" > 500 251 "-"

[users@httpd] Possible DOS Attack

2016-05-20 Thread Roman Gelfand
In the last 2 days we have received roughly 1milion of the following requests. Just to confirm, is this a DOS attack? 191.96.249.52 - - [20/May/2016:18:19:22 -0400] "POST /xmlrpc.php HTTP/1.0" 500 251 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" 191.96.249.52 - -