Re: apache security question

From: default013 - subscriptions (default013subscriptions@hotmail.com)
Date: 06/14/01

Next message: default013 - subscriptions: "Re: apache security question"
Previous message: Neil Fryer: "Re: apache security question"
In reply to: Neil Fryer: "Re: apache security question"
Next in thread: default013 - subscriptions: "Re: apache security question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "default013 - subscriptions" <default013subscriptions@hotmail.com>
To: <freebsd-security@freebsd.org>
Date: Thu, 14 Jun 2001 08:20:33 -0500

Neil,

Thanks all, :)

I attempted this in telnet and got a 'method not supported' message. ... I'm
just being extra careful lately because I know that this guy is tryin to do
things to my box... whatever this was, it didnt work so... thanks

----- Original Message -----
From: "Neil Fryer" <neilf@mip.co.za>
To: "default013 - subscriptions" <default013subscriptions@hotmail.com>;
"default013 - subscriptions" <default013subscriptions@hotmail.com>;
<freebsd-security@FreeBSD.ORG>
Sent: Thursday, June 14, 2001 8:09 AM
Subject: Re: apache security question

> 'ello
>
> Ok, afaik, this command could quite easily be run by telnetting into port
80 on
> your webserver, as you'll have this open anyway on your fw to allow web
> traffic, as for your other question, sorry can't help.
>
> Cheers
> Neil Fryer
> neilf@mip.co.za
>
>
>
> On Thu, 14 Jun 2001, default013 - subscriptions wrote:
> > Hello, I've been advised that someone is attempting to break into my
box,
> > and I know that this person is knowledgeable so I've been watching for
> > unusual activity...
> >
> > I noticed this entry in one of my apache logfiles yesterday, and was
> > wondering if anyone could explain to me what this is:
> >
> > mydomainname.com otherguyshostname.com - - [12/Jun/2001:18:21:35 -0500]
> > "HEAD / HTTP/1.0" 200 0 "-"
> >
> > It appears to me like they somehow executed the 'head' command... how
would
> > one do this, and how could you stop it?
> >
> > Thanks, Jordan
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> --
> "Against stupidity, even the Gods struggle in vain."
> - Friedrich von Schiller
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Next message: default013 - subscriptions: "Re: apache security question"
Previous message: Neil Fryer: "Re: apache security question"
In reply to: Neil Fryer: "Re: apache security question"
Next in thread: default013 - subscriptions: "Re: apache security question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Telnet to port 80
... I just dont like the fact you can telnet via port 80 to ... our webserver and find out what version of IIS were ... >ranges, or only allow it from certain ranges.. ...
(microsoft.public.inetserver.iis.security)
Re: Telnet to port 80
... The telnet port is blocked... ... people telnet'ing to port 80 on our webserver. ... >Block Telnet in your firewall of course. ...
(microsoft.public.inetserver.iis.security)
Re: Telnet to port 80
... >The telnet port is blocked... ... >people telnet'ing to port 80 on our webserver. ... block Telnet to any port. ...
(microsoft.public.inetserver.iis.security)
Re: Telnet to port 80
... > I just dont like the fact you can telnet via port 80 to ... > our webserver and find out what version of IIS were ...
(microsoft.public.inetserver.iis.security)
Re: Telnet port 25
... Subject: Telnet port 25 ... is the sole responsibility of the customer and depends on the customer's ... Configuring sendmail 8.11.0 for Anti-Relay ...
(AIX-L)