Re: apache security question

From: Neil Fryer (neilf@mip.co.za)
Date: 06/14/01

• Next message: default013 - subscriptions: "Re: apache security question"
• Previous message: default013 - subscriptions: "apache security question"
• In reply to: default013 - subscriptions: "apache security question"
• Next in thread: default013 - subscriptions: "Re: apache security question"
• Reply: default013 - subscriptions: "Re: apache security question"
• Reply: default013 - subscriptions: "Re: apache security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Neil Fryer <neilf@mip.co.za>
To: "default013 - subscriptions" <default013subscriptions@hotmail.com>, "default013 - subscriptions" <default013subscriptions@hotmail.com>, <freebsd-security@FreeBSD.ORG>
Date: Thu, 14 Jun 2001 15:09:24 +0200

'ello

Ok, afaik, this command could quite easily be run by telnetting into port 80 on
your webserver, as you'll have this open anyway on your fw to allow web
traffic, as for your other question, sorry can't help.

Cheers
Neil Fryer
neilf@mip.co.za

On Thu, 14 Jun 2001, default013 - subscriptions wrote:
> Hello, I've been advised that someone is attempting to break into my box,
> and I know that this person is knowledgeable so I've been watching for
> unusual activity...
>
> I noticed this entry in one of my apache logfiles yesterday, and was
> wondering if anyone could explain to me what this is:
>
> mydomainname.com otherguyshostname.com - - [12/Jun/2001:18:21:35 -0500]
> "HEAD / HTTP/1.0" 200 0 "-"
>
> It appears to me like they somehow executed the 'head' command... how would
> one do this, and how could you stop it?
>
> Thanks, Jordan
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
"Against stupidity, even the Gods struggle in vain."
					- Friedrich von Schiller
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

• Next message: default013 - subscriptions: "Re: apache security question"
• Previous message: default013 - subscriptions: "apache security question"
• In reply to: default013 - subscriptions: "apache security question"
• Next in thread: default013 - subscriptions: "Re: apache security question"
• Reply: default013 - subscriptions: "Re: apache security question"
• Reply: default013 - subscriptions: "Re: apache security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: server address and port ... to set the address of webserver and its port. ... command of my webserver ... into my_addr and i try to bind the bind function returns an error.how ... (comp.unix.programmer) Re: Emails stuck in queue error 451 4.4.0 Primary target IP addres ... If you had just said "Siv you forgot to include the port number in the ... Telnet command" in your first response after asking me to carry out the ... I said earlier I am not familiar with telnet, I have probably used it twice ... Connecting To smtp.surfdsl.net...Could not open connection to the host, ... (microsoft.public.exchange.misc) Re: Cant read a lonely (char)13 from serialport ... > 1) I writea command to the port ... >is sent back in response to the command that I sent. ... remote device might be accepting a command, ... and wait for an *appropriate* response before ... (comp.os.linux.development.system) RE: ppp confusion ... tun0: Warning: papchap:: Invalid command ... acpi0: power button is handled as a fixed feature programming model. ... pcib0: port ... (freebsd-questions) Re: LPT1 Port Prints to Network Printer ... Open a Command Prompt and key the command: ... LPT1 Port Prints to Network Printer ... (microsoft.public.win2000.printing)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2001-06