httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: Security problem ?
Date Mon, 02 Jun 1997 17:23:04 GMT
Rob Hartill wrote:
> On Mon, 2 Jun 1997, Chris Cason wrote:
> > 00  6D 61 6E 68 61 74 74 61-6E 2E 74 68 69 72 64 77   manhattan.thirdw
> > 10  61 76 65 2E 6E 65 74 20-2D 20 2D 20 5B 30 31 2F   ave.net - - [01/
> > 20  4A 75 6E 2F 31 39 39 37-3A 31 32 3A 33 38 3A 31   Jun/1997:12:38:1
> > 30  36 20 2D 30 37 30 30 5D-20 22 FF FA 25 03 72 6F   6 -0700] "..%.ro
> > 40  6F 74 FF F0 3F 22 20 34-30 30 20 2D 20 22 2D 22   ot..?" 400 - "-"
> > 50  20 22 2D 22 0A 6D 61 6E-68 61 74 74 61 6E 2E 74    "-".manhattan.t
> > 60  68 69 72 64 77 61 76 65-2E 6E 65 74 20 2D 20 2D   hirdwave.net - -
> > 70  20 5B 30 31 2F 4A 75 6E-2F 31 39 39 37 3A 31 32    [01/Jun/1997:12
> > 80  3A 35 35 3A 32 39 20 2D-30 37 30 30 5D 20 22 FF   :55:29 -0700] ". 
> > 90  FA 25 03 72 6F 6F 74 FF-F0 68 65 6C 6C 6F 22 20   .%.root..hello" 
> > A0  34 30 30 20 2D 20 22 2D-22 20 22 2D 22 0A 90 0E   400 - "-" "-"...

This looks vaguely like the effect you might get when connecting a telnet
to port 80 - the high bit set stuff would be the telnet trying to set modes and
stuff. I'd have to check the telnet RFC to be sure, though.

Note: many telnets don't attempt to set modes'n'stuff until the far end does,
which is why to get to use them at all to connect to "raw" ports.

Cheers,

Ben.

-- 
Ben Laurie                Phone: +44 (181) 994 6435  Email: ben@algroup.co.uk
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
London, England.          Apache-SSL author

Mime
View raw message