Re: This doesn't add up / have I been rooted?
From: ynotssor ("ynotssor")
Date: Fri, 26 Sep 2003 03:44:14 -0700
"Jonathan L Cunningham" <firstname.lastname@example.org> wrote in message
>> Also examine the Apache logs for CONNECT() to see if your machine is
>> being used as an open proxy for tunneling other data.
> piggybacking on this thread ... what would that look like?
> I noticed a few (one or two a week) CONNECT requests in my apache
> logs. It's configured to reject them, but it doesn't regard the
> request as an error (there is no entry in the error log when I
> attempt it myself, it just returns a page refusing it).
> How would the logs differ if, somehow, some CONNECTs were being
> accepted? (I don't think they are: I'm just asking out of
> general paranoia.)
I'm not sure how that sort of traffic would be enumerated anywhere short of
a quantifiable tcpdump on port 443, but you may wish to consider some of
what is offered at http://www.google.com/search?q=http+connect+method for
-- use hotmail com for any email replies -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =-----