Re: This doesn't add up / have I been rooted?

From: ynotssor ("ynotssor")
Date: 09/26/03

Date: Fri, 26 Sep 2003 03:44:14 -0700

"Jonathan L Cunningham" <> wrote in message

>> Also examine the Apache logs for CONNECT() to see if your machine is
>> being used as an open proxy for tunneling other data.
> Piggybacking on this thread ... what would that look like?
> I noticed a few (one or two a week) CONNECT requests in my Apache
> logs. It's configured to reject them, but it doesn't regard the
> request as an error (there is no entry in the error log when I
> attempt it myself, it just returns a page refusing it).
> How would the logs differ if, somehow, some CONNECTs were being
> accepted? (I don't think they are: I'm just asking out of
> general paranoia.)

I'm not sure how that sort of traffic would be enumerated anywhere short of
a quantifiable tcpdump on port 443, but you may wish to consider some of
what is offered at for
more information.
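
For the question quoted above, an added example (not part of the original post): a Python sketch that pulls CONNECT requests out of Apache access-log lines and separates those answered with a 2xx status from those refused. The log lines, addresses and host names are constructed, and the common/combined log format is assumed.

```python
import re
from collections import Counter

# Apache common/combined log format (assumed):
#   host ident user [time] "METHOD target PROTO" status bytes ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def classify_connects(lines):
    """Split CONNECT entries into (accepted, refused) by logged status code."""
    accepted, refused = [], []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "CONNECT":
            continue  # unparsable line or some other method
        entry = (m["host"], m["target"], int(m["status"]), m["time"])
        # 2xx: the server reported success for the CONNECT, so look closer.
        # Anything else (403, 405, ...) is the refusal the poster describes.
        (accepted if 200 <= entry[2] < 300 else refused).append(entry)
    return accepted, refused

def targets_by_client(entries):
    """Count (client, target) pairs to show who is asking for which host:port."""
    return Counter((host, target) for host, target, _status, _time in entries)

# Constructed sample lines (documentation address ranges, example host names).
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Sep/2003:03:10:01 -0700] "CONNECT mail.example.net:25 HTTP/1.0" 405 312',
    '198.51.100.7 - - [26/Sep/2003:03:12:44 -0700] "CONNECT mail.example.net:25 HTTP/1.0" 200 -',
    '192.0.2.10 - - [26/Sep/2003:03:15:09 -0700] "GET /index.html HTTP/1.1" 200 1043',
    '203.0.113.5 - - [26/Sep/2003:03:20:30 -0700] "CONNECT irc.example.org:6667 HTTP/1.1" 403 289',
]

if __name__ == "__main__":
    accepted, refused = classify_connects(SAMPLE_LOG)
    for host, target, status, when in accepted:
        print(f"CHECK   {when} {host} -> {target} status={status}")
    for (host, target), n in targets_by_client(refused).items():
        print(f"refused {host} -> {target} x{n}")
```

A 2xx entry is a lead to check against a packet capture or the proxy configuration, not proof by itself that a tunnel was opened.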

