On Wed, Mar 31, 2004 at 06:32:53PM +0300, Toni Heinonen wrote: >>On Sat, 27 Mar 2004 15:50:53 -0600, Jack L. Stone wrote: >>>At 08:28 PM 3.27.2004 +0100, Cordula's Web wrote: >>>>>Within the past couple of weeks, the Apache logs have shown a new >>>>>type of intrusion -- a very, very long URL request... >>>>> >>>>>My question is what syntax can I add, if any, to my httpd.conf to >>>>>redirect such requests..?? >>>>> >>>>>65.35.186.74 - - [26/Mar/2004:19:01:04 -0600] "SEARCH >>>>>/\x90\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\x02\xb1\... >>>> >>>>Are only SEARCH requests affected, or GET as well? >> >>Hey all. A question from a heretofore unrevealed skulker :^>. Was >>this question ever answered off-list? My own box is getting hit >>quite often with these & I'm concerned that they might be causing >>harm. thks > >Don't be concerned, those are probably worms looking for IIS holes or >the like. Since you're running Apache you're not vulnerable.
ah. That's what I wanted to hear, annoying but harmless. Thanks to both you & Nick for your speedy responses. seeyah -- GROG! __^__ Our vision is to speed up time, eventually thks /(o o)\ eliminating it. -- Alex Schure --oOO==(_)==OOo-- _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
