httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Turner <kk...@swbell.net>
Subject Re: access & error logs -- attempted crack?
Date Thu, 11 Jul 2002 19:35:23 GMT
On Thu, 11 Jul 2002 10:44:43 +0200, Robert Andersson wrote:

>Looks like CodeRed or similar clone, which try to exploit a buffer overflow
>in MS IIS. It´'s now known that Apache (<1.3.26 && <2.0.39) has a similar
>bug, but I don't know how such an attack would look like. But these log
>entries are certainly intended for IIS.

Thanks to both Robert and Stephen for timely, helpful answers.  I knew
there was a reason to run Linux :)

On the other access.log entry,

207.114.6.10 - - [10/Jul/2002:21:32:02 -0500] "CONNECT 207.114.6.11:6667
HTTP/1.0" 405 307 "-" "-"

can anyone explain this?  IRC port?
--
gt
It ain't so much what you don't know that gets you in trouble---
it's what you do know that ain't so.--unk

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message