httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aidan Whitehall" <AidanWhiteh...@Fairbanks.co.uk>
Subject [users@httpd] Logging Nimda
Date Wed, 09 Jul 2003 08:33:09 GMT
I'm using named virtual hosts to host several sites on the same machine.
The logs in the first web site in the list are full of Nimda-type
requests:

   /default.ida
   /cmd.exe
   /root.exe
   /cgi-bin/formmail.cgi
   /cgi-bin/formmail.pl
   /favicon.ico
   etc

presumably because when Nimda-infected boxes or software designed to
detect vulnerabilities accesses the server via IP on port 80, Apache
uses the first site to respond to the request.

I'd like to avoid these requests from appearing in the logs for the
first site, but (and I can't think of a good reason why at the moment)
still log this activity.

Is it, perhaps, possible to ensure that requests made on port 80 are
logged somewhere other than the first site? Or, if can anyone convince
me that it's not worth logging, is there a way of preventing Apache from
responding to a certain requests, like those listed above?


Thanks for any ideas!

-- 
Aidan Whitehall <mailto:aidanwhitehall@fairbanks.co.uk>
Macromedia ColdFusion Developer
Fairbanks Environmental Ltd  +44 (0)1695 51775
Queen's Awards Winner 2003 <http://www.fairbanks.co.uk/go/awards>

________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs. For more information on a proactive
anti-virus service working around the clock, around the globe, visit:
http://www.star.net.uk
________________________________________________________________________

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message