httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Loïc Paillotin <loic.paillo...@qualimucho.com>
Subject Re: [users@httpd] Request !
Date Wed, 03 Sep 2003 16:08:47 GMT
That's not possible using wget, I reckon. 
But as I said before, it takes 20 lines of perl to connect to a
webserver and POST something on it, using module HTTP::Request. 
Do you know why your server 500ed? Did you browse the error log? 

Le mer 03/09/2003 à 17:40, KAN NAN a écrit :
> Dear Friends,
> 
> I even tried wget command, It generates a http request and downloads
> the page and saves in the current directly. But how those people could
> have used this utility to POST something into my web server.
> 
> awaiting ur replies,
> -kannan
> 
> 
>  
> 
> 
>  
> 
> ______________________________________________________________________
> Over 6,70,000 brides and grooms. Click here to join for free.
> 
> ______________________________________________________________________
> From: KAN NAN <kannan_mca@hotmail.com>
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Request !
> Date: 03 Sep 2003 15:02:45 +0000
> 
> 
> 
> Dear friends,
> 
> I accept the points given by Mr. Garriss and Mr. Geoffrey.
> See, these are the log entries from Apache. It is really very
> difficult to identify what they were trying to do. The reason why I
> was quite sure that they were using telnet is, previously our system
> suffered, at that time I could see that these people were using
> CONNECT maila.microsoft.com:25....., so in my apache config file, I
> blocked all kind of CONNECT request. So, it solved me. But this time,
> just have a look at the log entries:
> 
> 211.147.1.82 - - [02/Sep/2003:08:59:31 +0100] "GET / HTTP/1.1" 400 380
> 211.147.1.82 - - [02/Sep/2003:08:59:43 +0100] "POST / HTTP/1.1" 500
> 604
> 
> I could very well Identify from where these IP-Address belongs to, I
> can very well block it, but its not a permanent solution.
> You can very well see that, First request was a bad request (400) and
> immediately these people tried to POST something which generated
> Internal Server Error (500).
> I could see such entries in the past also, but now we need to fix it
> up.
> 
> waiting for your comments,
> thanks,
> -kannan
> 
> >From: mgarriss 
> 
> 
> >Reply-To: users@httpd.apache.org 
> >To: users@httpd.apache.org 
> >Subject: Re: [users@httpd] Request ! 
> >Date: Wed, 03 Sep 2003 08:46:21 -0600 
> > 
> >KAN NAN wrote: 
> > 
> >>Dear Friends, 
> >>We have a web-system using Apache web server and Jserv(servlet 
> >>engine) running on windows 2000. Our system was attempted to hack 
> >>from some people. Iam very sure they were using telnet to access 
> >>the port 80 of my webserver. I really dont know what was their 
> >>intention. Server started giving Internal server error, immediately 
> >>after their request. It affected us a lot. 
> >>Can any one tell me how I can prevent such kind of attacks, Or how 
> >>I can block entire telnet request into my web system. I tried 
> >>filtering User-Agent string in the header, it didn't work, I tried 
> >>using telnet to generate a http request by giving input for 
> >>User-Agent as Mozilla/4.0....., It accepted, so there is no way 
> >>that I can filter using User-Agent, they can easily pretend as if 
> >>the request is from a normal browser. 
> > 
> > 
> >Port 80 is port 80. It is very easy to make a packet look like it's 
> >a valid http request. In fact, IT IS an valid http request if it 
> >looks like one and this is a good thing. You can take any scripting 
> >language, as another poster pointed out, and write up a little 
> >mini-client very easy, this is also a good thing. Think of programs 
> >like 'wget' that use port HTTP over port 80. Also imagine if the 
> >entire world restricted there servers to IE and Mozilla (not 
> >possible. but just imagine). It would make it impossible to compete 
> >with these products. 
> > 
> >If you have your system configured and set up properly you will 
> >avoid most attacks. Only the very sophisticated attacks will be a 
> >problem and being able to block 'telnet' will not help you here. 
> > 
> > 
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP Server 
> >Project. 
> >See for more info. 
> >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org 
> > " from the digest: users-digest-unsubscribe@httpd.apache.org 
> >For additional commands, e-mail: users-help@httpd.apache.org 
> > 
> 
> ______________________________________________________________________
> The Tech Ed advantage. You could have it too! Join right away! 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project. See  for more info. To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org " from the digest:
> users-digest-unsubscribe@httpd.apache.org For additional commands,
> e-mail: users-help@httpd.apache.org 
> 
> ______________________________________________________________________
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message