Date: Fri, 14 Jan 2005 10:17:47 -0600 From: Jacob S <stormspotter@6Texans.net> To: freebsd-questions@freebsd.org Subject: Re: Odd (alarming) http log exerpt Message-ID: <20050114101747.1304c5e7@jacob.6texans.net> In-Reply-To: <20050114160030.GB9164@akroteq.com> References: <20050114140441.G802@kenmore.kozy-kabin.nl> <20050114160030.GB9164@akroteq.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 14 Jan 2005 07:00:30 -0900 Andy Firman <andy@firman.us> wrote: > On Fri, Jan 14, 2005 at 02:08:20PM +0100, Colin J. Raven wrote: > > What is this person doing? or attempting to do? I'm guessing nothing > > > > good. > > Is there anything within...say httpd.conf..that I could do to > > prevent > > this..or curtail it before it grows to such an enormous size. > > Looks like a WebDAV exploit. You can run conditional logging in > your apache server to ignore it. If I'm not mistaken, you can also do something fun, like use mod_rewrite to redirect them to fbi.com whenever they try an attack like that. HTH, Jacob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050114101747.1304c5e7>