Re: Apache probe

From: Ron Peterson (yrp001@mtholyoke.edu)
Date: 07/11/02

Next message: : "Re: SOLUTION Re: ssh login died suddenly, can't reconnect"
Previous message: Artem S. Tashkinov: "Re: secure file deletion"
In reply to: RainbowHat: "Re: Apache probe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Ron Peterson <yrp001@mtholyoke.edu>
Date: Wed, 10 Jul 2002 22:36:41 GMT

In article <H9UXMMRTRJPW1113FYPKJPMDnHiATlE@blackhole.mit.edu>,
RainbowHat wrote:

> I've never heard the Apache is gone down causing Nimda/Code Red. Dose
> "down" mean segfault or the state of Denial of Service? Have a look at
> /var/log/messages. Do you know when your `up2date` updated to 1.3.22-6?
> I'm seeing this phenomenon occur since updated to 1.3.22-6.

This machine was upgraded to apache-1.3.22-6 before either shutdown.
And by 'gone down' I mean the whole machine went down.

I'm not having trouble identifying the particular probe. What struck me
was that in reviewing my log files, the very last apache access_log
entry was the same for each shutdown. I don't find anything else in any
of the logs that looks anything out of the ordinary.

I may very well be seeing a pattern where this is none. However, if
someone else replied with "hey, that happened to me, too" that might
mean something.

I'm also suspicious that this machine needs a BIOS upgrade. Basically,
so far I just don't have enough information yet to know what happened.

-- 
Ron Peterson                          -o)
Network & Systems Manager             /\\
Mount Holyoke College                _\_v
http://www.mtholyoke.edu/~rpeterso   ----

Next message: : "Re: SOLUTION Re: ssh login died suddenly, can't reconnect"
Previous message: Artem S. Tashkinov: "Re: secure file deletion"
In reply to: RainbowHat: "Re: Apache probe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]