Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 14 Jun 2007 02:43:43 +1000
From:      Norberto Meijome <freebsd@meijome.net>
To:        bob@a1poweruser.com
Cc:        Ian Smith <smithi@nimnet.asn.au>, freebsd-questions@freebsd.org
Subject:   Re: Apache access log shows these attack requests
Message-ID:  <20070614024343.10ff6632@localhost>
In-Reply-To: <NBECLJEKGLBKHHFFANMBGEIOCDAA.bob@a1poweruser.com>
References:  <Pine.BSF.3.96.1070613140457.20089A-100000@gaia.nimnet.asn.au> <NBECLJEKGLBKHHFFANMBGEIOCDAA.bob@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, 13 Jun 2007 10:50:20 -0400
"Bob" <bob@a1poweruser.com> wrote:

Hi Bob, please learn how to quote in a reply to a message - it's pretty hard to
figure out who's written what otherwise.

> I checked with ls -l command and I have no pages 7036 in size.

(hmm... does those bytes include the headers et al ? if they do, then u should
be looking for something else other than 7036 in the filesystem...anyway...

> My question
> is why is apache servicing a request for "\x04\x01", this is not a valid
> request in first place.

maybe if you show us your apache config it would be easier to figure out what
you allow or not. To make it simpler, the DEFAULT config in apache (with no
mod_proxy) is quite secure wrt access to / . 

> You wrote "because I disallow 'no referrer'
> plus 'no browser' ("-" "-") connects from non-local addresses, blocking
> heaps of rogue robots"
> Could you give me a example of the httpd.config coding you used for this?
> These denied requests get logged in the access.log, I would think they
> should be logged in the error.log.

well, they are not an error from apache's POV, are they? they get served OK :)
therefore, access. (the fact that you dont like it doenst make it less "correct"
for Apache ;)

B
_________________________
{Beto|Norberto|Numard} Meijome

"The whole problem with the world is that fools and fanatics are always so
certain of themselves, but wiser people so full of doubts." Bertrand Russell

I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070614024343.10ff6632>