Re: apache security question

From: Peter Pentchev (roam@orbitel.bg)
Date: 06/14/01

• Next message: Bob Fayne: "pam_radius and template_user authentication"
• Previous message: default013 - subscriptions: "Re: apache security question"
• In reply to: default013 - subscriptions: "apache security question"
• Next in thread: Yonatan Bokovza: "RE: apache security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 14 Jun 2001 17:05:58 +0300
From: Peter Pentchev <roam@orbitel.bg>
To: default013 - subscriptions <default013subscriptions@hotmail.com>

On Thu, Jun 14, 2001 at 08:08:36AM -0500, default013 - subscriptions wrote:
> Hello, I've been advised that someone is attempting to break into my box,
> and I know that this person is knowledgeable so I've been watching for
> unusual activity...
>
> I noticed this entry in one of my apache logfiles yesterday, and was
> wondering if anyone could explain to me what this is:
>
> mydomainname.com otherguyshostname.com - - [12/Jun/2001:18:21:35 -0500]
> "HEAD / HTTP/1.0" 200 0 "-"
>
> It appears to me like they somehow executed the 'head' command... how would
> one do this, and how could you stop it?

They did not execute the head(1) command that you would execute if you
typed 'head /etc/motd' on your shell prompt; they made an HTTP HEAD
request, the point of which is to get the headers you would get on a GET
request, without the page itself - this is handy for browsers that want
to check if a particular page has changed.

But yes, as discussed in the thread, the goal was probably to check
your Apache's version.

G'luck,
Peter

-- 
This sentence contains exactly threee erors.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Bob Fayne: "pam_radius and template_user authentication"
• Previous message: default013 - subscriptions: "Re: apache security question"
• In reply to: default013 - subscriptions: "apache security question"
• Next in thread: Yonatan Bokovza: "RE: apache security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: writing a script ... Let's look at your command. ... When you execute this command, ... you don't need grep or ls. ... > head -10 ... (comp.unix.shell) [Full-Disclosure] Advanced usage of system() function. ... and call its arguments as a command for shell. ... as we can see we still didnt get what we want (typing exit ... Connection closed by foreign host. ... think what we want to execute. ... (Full-Disclosure) Advanced usage of system() function. ... and call its arguments as a command for shell. ... as we can see we still didnt get what we want (typing exit we are ... Connection closed by foreign host. ... think what we want to execute. ... (Bugtraq) Re: Wait for background processes to complete ... To be able to execute commands in the background and wait for their ... The documentation I am referring to is http://perldoc.perl.org/. ... You can run a command in the background with: ... There is a general problem with perl documentation: ... (comp.lang.perl.misc) Execute Process Task not failing, but not executing the batch comm ... I can execute the following command from the windows "Run" prompt and it ... Might I have something set weird in SQL Server? ... server being by default configured to run as localsystem account, ... (microsoft.public.sqlserver.dts)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint