Re: What means ' CONNECT xyz.xyz.xyz.xyz:25 HTTP/1.1 ' in my apache protocol?

From: Andres Bohren (info@icewolf.ch)
Date: 04/15/03 

From: "Andres Bohren" <info@icewolf.ch>
Date: Tue, 15 Apr 2003 09:38:35 +0200

Hello

> Andres, the convention is to use English in non-language
> specific groups. There are German-specific de.* groups.

I am sorry about that. Now i write in English - probably will get
even more feedback *g*

> Well, it already is. If there's no handler for methods
> such as CONNECT then you can't get apache to do nasty
> things in response to such requests.

67.94.134.55 - - [15/Apr/2003:01:38:16 +0200] "CONNECT 216.136.129.18:25
HTTP/1.0" 200 12059
67.94.134.55 - - [15/Apr/2003:01:38:29 +0200] "CONNECT 66.218.86.254:25
HTTP/1.0" 200 12059
67.94.134.55 - - [15/Apr/2003:01:38:41 +0200] "CONNECT 66.218.86.253:25
HTTP/1.0" 200 12059
217.21.114.141 - - [15/Apr/2003:04:33:11 +0200] "CONNECT 65.54.254.129:25
HTTP/1.1" 200 12087

I'am not shure but the Response Code is "200" for me that means that the
Request was sucsessful... Or am i wrong in that? Is there anything else i
can do?

Andres

Relevant Pages

  • Apache/Tomcat Denial Of Service And Information Leakage Vulnerability
    ... mod_jk 1.2 using Apache Jserv Protocol 1.3 ... Tomcat 4.x Server ... A client may connect to the target machine and deliver several requests ... response back over the connection. ...
    (Bugtraq)
  • Re: [PHP] problem with url_fopen on free hosting environment
    ... I just blocked all tcp requests on port 80 and 443 comming from my own outside IP. ... I know it just limits new connections, and I thought this would work out, but it didn't. ... There's also mod_bandwidth for Apache, not included in the aforementioned topic. ... "All information in this email message, including images, attachments, contains confidential and proprietary information of BESTPLACE CORPORATION and should only be used or serves for the intended purpose and should not be copied, used or disclosed to anyone other than the sole recipient of this e-mail message." ...
    (php.general)
  • Re: Thoughts on mod_lisp
    ... >> lisp based server. ... > (which uses sockets to connect to apache) or mod_proxy. ... 0.68 (mean, across all concurrent requests) ...
    (comp.lang.lisp)
  • Re: [Full-disclosure] Apache Illegal Request Handling Possible XSS Vulnerability
    ... So that implies that Apache is being slightly lax in passing arbitrary ... I think that server should have a list of valid requests. ... as request and protocol makes no sense. ... Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England ...
    (Full-Disclosure)
  • [UNIX] Apache/Tomcat Denial of Service and Information Leakage Vulnerability
    ... Beyond Security would like to welcome Tiscali World Online ... Apache has been the most popular web server on the Internet for the ... A client may connect to the target machine and deliver several requests ... and again sends a second response back to mod_jk. ...
    (Securiteam)
Loading