Re: openssl attack

From: Jake (jaakkke@dontemailme.coma)
Date: 03/11/03


From: "Jake" <jaakkke@dontemailme.coma>
Date: Tue, 11 Mar 2003 04:12:13 GMT

I did that and it returned:

# wget -S --spider http://localhost
--19:46:41-- http://localhost/
           => `index.html'
Resolving localhost... done.
Connecting to localhost[127.0.0.1]:80... connected.
HTTP request sent, awaiting response...
 1 HTTP/1.1 200 OK
 2 Date: Tue, 11 Mar 2003 03:46:41 GMT
 3 Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12
OpenSSL/0.9.6 DAV/1.0.2 PHP/4.1.2 mod_perl/1.24_01 mod_throttle/3.1.2
 4 Last-Modified: Thu, 15 Nov 2001 20:53:09 GMT
 5 ETag: "1b669-b4a-3bf43b15"
 6 Accept-Ranges: bytes
 7 Content-Length: 2890
 8 Connection: close
 9 Content-Type: text/html
200 OK

"Jem Berkes" <jb@users.pc9.org> wrote in message
news:Xns933AD2762AB48jbuserspc9org@205.200.16.73...
> > Got the following in my apache logs. Is this an attack on my server
> > using some openssl exploit?
>
> Find out what version of OpenSSL you're using. Apache will by default
> return this version in a HEAD reply, you can use my win32 tool for this:
> http://www.pc-tools.net/win32/freeware/gui/viewhead/
>
> Or if you have wget
> wget -S --spider http://yourURL
>
> --
> Jem Berkes
> http://www.pc-tools.net/
> Windows, Linux & UNIX software
>
>