Messages in HTTPD log
From: Mica (navinsam_in_at_hotmail.com)
Date: 08/31/03
- Next message: Mark Taylor: "Re: Messages in HTTPD log"
- Previous message: Martin Cooper: "Re: RedHat 7.2 firewall/router vulnerabilities"
- Next in thread: Mark Taylor: "Re: Messages in HTTPD log"
- Reply: Mark Taylor: "Re: Messages in HTTPD log"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 31 Aug 2003 06:24:20 -0700
I'm running apache 2.0 on RH Linux behind a firewall. I have setup
DNAT to enable port 80 requests to be forwarded to my httpd server in
the internal n/w.
I found this line in my httpd access_log .
xx.xx.xx.xx - - [31/Aug/2003:01:28:45 -0400] "GET
/scripts/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir+c:\ HTTP/1.1" 404
1050 "-" "-"
and the following lines in error_log
[Sun Aug 31 01:28:44 2003] [error] [client xx.xx.xx.x] File does not
exist: /var/www/html/scripts
[Sun Aug 31 01:28:45 2003] [error] [client xx.xx.xx.xx] File does not
exist: /var/www/html/scripts
What was the person trying to accomplish ? I guess he didn't find much
success .
Can I do anything more to prevent such requests coming to my webserver
.
TIA
Navin.
- Next message: Mark Taylor: "Re: Messages in HTTPD log"
- Previous message: Martin Cooper: "Re: RedHat 7.2 firewall/router vulnerabilities"
- Next in thread: Mark Taylor: "Re: Messages in HTTPD log"
- Reply: Mark Taylor: "Re: Messages in HTTPD log"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
