Return-Path: 
 <users-return-31892-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 75536 invoked from network); 3 Sep 2003 16:27:19 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 3 Sep 2003 16:27:19 -0000
Received: (qmail 66030 invoked by uid 500); 3 Sep 2003 16:07:39 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 65980 invoked by uid 500); 3 Sep 2003 16:07:38 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
list-post: <mailto:users@httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 65894 invoked from network); 3 Sep 2003 16:07:36 -0000
Received: from unknown (HELO relay-2m.club-internet.fr) (194.158.104.41)
  by daedalus.apache.org with SMTP; 3 Sep 2003 16:07:36 -0000
Received: from [192.168.1.103] (f03v-1-26.d1.club-internet.fr [212.194.36.26])
	by relay-2m.club-internet.fr (Postfix) with ESMTP id 24C3C171B
	for <users@httpd.apache.org>; Wed,  3 Sep 2003 18:07:37 +0200 (CEST)
From: =?ISO-8859-1?Q?Lo=EFc?= Paillotin <loic.paillotin@qualimucho.com>
Reply-To: loic.paillotin@qualimucho.com
To: users@httpd.apache.org
In-Reply-To: <BAY2-F132tlbjaD32vQ0000d704@hotmail.com>
References: <BAY2-F132tlbjaD32vQ0000d704@hotmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Organization: QMM
Message-Id: <1062605327.12984.45.camel@localhost>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.4.0 
Date: 03 Sep 2003 18:08:47 +0200
Content-Transfer-Encoding: 8bit
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
Subject: Re: [users@httpd] Request !
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

That's not possible using wget, I reckon. 
But as I said before, it takes 20 lines of perl to connect to a
webserver and POST something on it, using module HTTP::Request. 
Do you know why your server 500ed? Did you browse the error log? 

Le mer 03/09/2003 � 17:40, KAN NAN a �crit :
> Dear Friends,
> 
> I even tried wget command, It generates a http request and downloads
> the page and saves in the current directly. But how those people could
> have used this utility to POST something into my web server.
> 
> awaiting ur replies,
> -kannan
> 
> 
>  
> 
> 
>  
> 
> ______________________________________________________________________
> Over 6,70,000 brides and grooms. Click here to join for free.
> 
> ______________________________________________________________________
> From: KAN NAN <kannan_mca@hotmail.com>
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Request !
> Date: 03 Sep 2003 15:02:45 +0000
> 
> 
> 
> Dear friends,
> 
> I accept the points given by Mr. Garriss and Mr. Geoffrey.
> See, these are the log entries from Apache. It is really very
> difficult to identify what they were trying to do. The reason why I
> was quite sure that they were using telnet is, previously our system
> suffered, at that time I could see that these people were using
> CONNECT maila.microsoft.com:25....., so in my apache config file, I
> blocked all kind of CONNECT request. So, it solved me. But this time,
> just have a look at the log entries:
> 
> 211.147.1.82 - - [02/Sep/2003:08:59:31 +0100] "GET / HTTP/1.1" 400 380
> 211.147.1.82 - - [02/Sep/2003:08:59:43 +0100] "POST / HTTP/1.1" 500
> 604
> 
> I could very well Identify from where these IP-Address belongs to, I
> can very well block it, but its not a permanent solution.
> You can very well see that, First request was a bad request (400) and
> immediately these people tried to POST something which generated
> Internal Server Error (500).
> I could see such entries in the past also, but now we need to fix it
> up.
> 
> waiting for your comments,
> thanks,
> -kannan
> 
> >From: mgarriss 
> 
> 
> >Reply-To: users@httpd.apache.org 
> >To: users@httpd.apache.org 
> >Subject: Re: [users@httpd] Request ! 
> >Date: Wed, 03 Sep 2003 08:46:21 -0600 
> > 
> >KAN NAN wrote: 
> > 
> >>Dear Friends, 
> >>We have a web-system using Apache web server and Jserv(servlet 
> >>engine) running on windows 2000. Our system was attempted to hack 
> >>from some people. Iam very sure they were using telnet to access 
> >>the port 80 of my webserver. I really dont know what was their 
> >>intention. Server started giving Internal server error, immediately 
> >>after their request. It affected us a lot. 
> >>Can any one tell me how I can prevent such kind of attacks, Or how 
> >>I can block entire telnet request into my web system. I tried 
> >>filtering User-Agent string in the header, it didn't work, I tried 
> >>using telnet to generate a http request by giving input for 
> >>User-Agent as Mozilla/4.0....., It accepted, so there is no way 
> >>that I can filter using User-Agent, they can easily pretend as if 
> >>the request is from a normal browser. 
> > 
> > 
> >Port 80 is port 80. It is very easy to make a packet look like it's 
> >a valid http request. In fact, IT IS an valid http request if it 
> >looks like one and this is a good thing. You can take any scripting 
> >language, as another poster pointed out, and write up a little 
> >mini-client very easy, this is also a good thing. Think of programs 
> >like 'wget' that use port HTTP over port 80. Also imagine if the 
> >entire world restricted there servers to IE and Mozilla (not 
> >possible. but just imagine). It would make it impossible to compete 
> >with these products. 
> > 
> >If you have your system configured and set up properly you will 
> >avoid most attacks. Only the very sophisticated attacks will be a 
> >problem and being able to block 'telnet' will not help you here. 
> > 
> > 
> >---------------------------------------------------------------------
> >The official User-To-User support forum of the Apache HTTP Server 
> >Project. 
> >See for more info. 
> >To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org 
> > " from the digest: users-digest-unsubscribe@httpd.apache.org 
> >For additional commands, e-mail: users-help@httpd.apache.org 
> > 
> 
> ______________________________________________________________________
> The Tech Ed advantage. You could have it too! Join right away! 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project. See  for more info. To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org " from the digest:
> users-digest-unsubscribe@httpd.apache.org For additional commands,
> e-mail: users-help@httpd.apache.org 
> 
> ______________________________________________________________________
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org