Date:      Sun, 8 Jul 2001 04:47:40 -0700 (PDT)
From:      "tjk@tksoft.com" <tjk@tksoft.com>
To:        default013subscriptions@hotmail.com
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: apache security question
Message-ID:  <200107081147.EAA15423@smtp3.tksoft.com>
In-Reply-To: <OE44ezf9CIElR3n4DVv00010e9b@hotmail.com> from "default013 - subscriptions" at Jun 14, 2001 08:08:36 AM

Just got back from vacation and saw this.

Lots of software uses the HEAD method to find out if a
page has been modified. If it has, then it downloads the 
page. The HEAD method is a part of the HTTP protocol, and
a very useful part of it. It prints the header for the
requested page, but not the page itself. A GET request
prints the header and the page. By removing the HEAD 
capability, you achieve nothing, but you will create
problems for yourself. 


Troy

 
> 
> Hello, I've been advised that someone is attempting to break into my box,
> and I know that this person is knowledgeable so I've been watching for
> unusual activity...
> 
> I noticed this entry in one of my apache logfiles yesterday, and was
> wondering if anyone could explain to me what this is:
> 
> mydomainname.com otherguyshostname.com - - [12/Jun/2001:18:21:35 -0500]
> "HEAD / HTTP/1.0" 200 0 "-"
> 
> It appears to me like they somehow executed the 'head' command... how would
> one do this, and how could you stop it?
> 
> Thanks, Jordan
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 
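
Added example, not part of the original message or of Apache: a loopback demo of the HEAD-then-GET pattern described in the reply above, showing that HEAD returns the same headers as GET with zero body bytes, which matches the 200 status and 0 byte count in the quoted log entry. The handler, page content, Last-Modified value and function names are constructed for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

PAGE = b"<html><body>constructed sample page</body></html>\n"
STAMP = "Tue, 12 Jun 2001 23:21:35 GMT"  # constructed Last-Modified value

class Handler(BaseHTTPRequestHandler):
    def _headers(self):
        self.send_response(200)
        self.send_header("Content-Length", str(len(PAGE)))
        self.send_header("Last-Modified", STAMP)
        self.end_headers()
    def do_HEAD(self):  # headers only, no body
        self._headers()
    def do_GET(self):  # same headers, then the page itself
        self._headers()
        self.wfile.write(PAGE)
    def log_message(self, fmt, *args):  # keep the demo quiet
        pass

def fetch(port, method):
    """Return (status, Last-Modified header, body bytes received)."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request(method, "/")
    resp = conn.getresponse()
    result = (resp.status, resp.getheader("Last-Modified"), len(resp.read()))
    conn.close()
    return result

def refresh(port, cached_stamp):
    """HEAD first; GET the page only if Last-Modified differs from the cache."""
    _, stamp, _ = fetch(port, "HEAD")
    return 0 if stamp == cached_stamp else fetch(port, "GET")[2]

def run_demo():
    server = HTTPServer(("127.0.0.1", 0), Handler)  # loopback, ephemeral port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        port = server.server_address[1]
        return {"head": fetch(port, "HEAD"), "get": fetch(port, "GET"),
                "cache_hit": refresh(port, STAMP), "cache_miss": refresh(port, None)}
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(run_demo())
```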

