httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brenda Bell <k15a-list-apa...@mail.theotherbell.com>
Subject [users@httpd] Have I been hacked
Date Mon, 24 Mar 2003 13:44:26 GMT
I'm running Apache 2.0.43 with PHP 4.2.3 on Mandrake 8.2.  My web
sites are very low traffic so I run daily checks using analog 5.31.
Usually, the only hacks I see are for IIS exploits.  However, the
following line showed up in yesterday's access log:

61.145.232.229 - - [23/Mar/2003:18:37:41 -0500] "GET
http://www.sina.com.cn/ HTTP/1.1" 200 2707

http://www.sina.com.cn is not my web site and I don't have any links
to such a site.  This was the only request received from the specified
IP.  I've never had to track down anything like this and am sort of
lost as to where I should look.

How did someone get a hit on a page that's not hosted on my site?
What should I be looking for to fix it and keep it from happening again?

-- 

Brenda


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message