httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject RE: [users@httpd] Server Access Log Understanding
Date Thu, 24 Jul 2003 16:58:52 GMT

On Thu, 24 Jul 2003, Jeremy Whitlock wrote:

> Joshua,
> 	I haven't done anything like that.  I just hate to see that
> people are even trying I guess.  I also see that people are "leeching"
> my files that I've put in one of the folders.  Is there anyway to stop
> leeching?  Thanks, Jeremy

If it gives you any consolation, you are not alone.  This is not some
individual hacker picking on you, this is either:
1. A worm that is spreading on its own.
2. A hacker that is scanning huge portions of the internet for any
vulnerable server.

In general, these worms and hackers are targetting IIS, so there is very
little chance of an apache server being affected.

As far as "leeching", you need to define what you mean.  If you mean that
people are inlining your images into their own pages, you should look at
"Prevent image theft" under:
http://httpd.apache.org/docs-2.0/env.html#examples

> P.S. - How can I tell if someone were successful at trying to hack my
> machine?  Is there any status code or such I can look for?

Well, a status code starting in 2 means that the request was successful.
But a successful request does not mean a successful hack (and the contrary
applies as well, actually).

I don't think there is any magic formula for figuring out if you've been
hacked.  That's why people make big bucks selling crappy intrusion
detection software.

One thing you can try is to extract a part of the request and type it into
google to see what people are saying about it.  Usually you can find out
what exploit is being used, and make sure you are not vulnerable to that
exploit.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message