Date: Fri, 14 Jan 2005 17:17:05 +0100 From: "Colin J. Raven" <colin@kenmore.kozy-kabin.nl> To: Jacob S <stormspotter@6Texans.net> Cc: freebsd-questions@freebsd.org Subject: Re: Odd (alarming) http log exerpt Message-ID: <20050114171619.H802@kenmore.kozy-kabin.nl> In-Reply-To: <20050114101747.1304c5e7@jacob.6texans.net> References: <20050114140441.G802@kenmore.kozy-kabin.nl> <20050114160030.GB9164@akroteq.com> <20050114101747.1304c5e7@jacob.6texans.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 14 at 10:17, Jacob S launched this into the bitstream: > On Fri, 14 Jan 2005 07:00:30 -0900 > Andy Firman <andy@firman.us> wrote: > >> On Fri, Jan 14, 2005 at 02:08:20PM +0100, Colin J. Raven wrote: >>> What is this person doing? or attempting to do? I'm guessing nothing >>> >>> good. >>> Is there anything within...say httpd.conf..that I could do to >>> prevent >>> this..or curtail it before it grows to such an enormous size. >> >> Looks like a WebDAV exploit. You can run conditional logging in >> your apache server to ignore it. > > If I'm not mistaken, you can also do something fun, like use mod_rewrite > to redirect them to fbi.com whenever they try an attack like that. > Oh now that *would* be a fun thing to do!! What a hilarious idea!!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050114171619.H802>