httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shannon Calrow" <s.cal...@qut.edu.au>
Subject RE: [users@httpd] Apache 2.0.50 making LDAP reqeusts
Date Thu, 29 Jul 2004 00:57:14 GMT

Our current setup consists of
  Apache/2.0.50 (Unix) 
  mod_jk2/2.0.3-dev 
  PHP/4.3.3  
  Tomcat 4.1.30

There are currently no PHP or JSP pages using any form of LDAP

A dump from iptables shows it is in fact the httpd service making the
requests

iptables -I OUTPUT -p tcp --destination-port 389 -m owner --cmd-owner
httpd  -j LOG --log-prefix "HTTPD_LDAP "
 
:Output:

Jul 29 10:15:43 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=33717 DF PROTO=TCP SPT=40022 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:43 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=66 TOS=0x00 PREC=0x00 TTL=64
ID=32821 DF PROTO=TCP SPT=40022 DPT=389 WINDOW=5840 RES=0x00 ACK PSH
URGP=0
Jul 29 10:15:43 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=7069 DF PROTO=TCP SPT=40022 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:43 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=95 TOS=0x00 PREC=0x00 TTL=64
ID=3 DF PROTO=TCP SPT=40022 DPT=389 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Jul 29 10:15:43 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=185 TOS=0x00 PREC=0x00 TTL=64
ID=3 DF PROTO=TCP SPT=40022 DPT=389 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Jul 29 10:15:43 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=29944 DF PROTO=TCP SPT=40022 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=0 DF PROTO=TCP SPT=40023 DPT=389 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=33717 DF PROTO=TCP SPT=40023 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=66 TOS=0x00 PREC=0x00 TTL=64
ID=32821 DF PROTO=TCP SPT=40023 DPT=389 WINDOW=5840 RES=0x00 ACK PSH
URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=43848 DF PROTO=TCP SPT=40023 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=95 TOS=0x00 PREC=0x00 TTL=64
ID=1 DF PROTO=TCP SPT=40023 DPT=389 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=185 TOS=0x00 PREC=0x00 TTL=64
ID=3 DF PROTO=TCP SPT=40023 DPT=389 WINDOW=5840 RES=0x00 ACK PSH URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=0 DF PROTO=TCP SPT=40024 DPT=389 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=33717 DF PROTO=TCP SPT=40024 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=66 TOS=0x00 PREC=0x00 TTL=64
ID=32821 DF PROTO=TCP SPT=40024 DPT=389 WINDOW=5840 RES=0x00 ACK PSH
URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=17664 DF PROTO=TCP SPT=40024 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server.ip DST=ldap.server.ip LEN=95 TOS=0x00 PREC=0x00 TTL=64
ID=49070 DF PROTO=TCP SPT=40024 DPT=389 WINDOW=5840 RES=0x00 ACK PSH
URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server. ip DST=ldap.server.ip LEN=185 TOS=0x00 PREC=0x00 TTL=64
ID=49057 DF PROTO=TCP SPT=40024 DPT=389 WINDOW=5840 RES=0x00 ACK PSH
URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server. ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=17664 DF PROTO=TCP SPT=40023 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
Jul 29 10:15:44 web-server kernel: HTTPD_LDAP IN= OUT=eth1
SRC=web.server. ip DST=ldap.server.ip LEN=52 TOS=0x00 PREC=0x00 TTL=64
ID=43853 DF PROTO=TCP SPT=40024 DPT=389 WINDOW=5840 RES=0x00 ACK URGP=0
 

	

-----Original Message-----
From: Carroll, D (Daniel) [mailto:Daniel.Carroll@rabobank.com] 
Sent: Wednesday, 28 July 2004 4:30 PM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Apache 2.0.50 making LDAP reqeusts 

> I have come across a nasty problem with Apache 2 making very open LDAP
requests every time 
> A page is hit. 

Is it a php page?

-D

P.s. Please dont post html.
_____________________________________________________________

This email (including any attachments to it) is confidential, legally
privileged, subject to copyright and is sent for the personal attention
of the intended recipient only. If you have received this email in
error, please advise us immediately and delete it. You are notified that
disclosing, copying, distributing or taking any action in reliance on
the contents of this information is strictly prohibited. Although we
have taken reasonable precautions to ensure no viruses are present in
this email, we cannot accept responsibility for any loss or damage
arising from the viruses in this email or attachments. We exclude any
liability for the content of this email, or for the consequences of any
actions taken on the basis of the information provided in this email or
its attachments, unless that information is subsequently confirmed in
writing. If this email contains an offer, that should be considered as
an invitation to treat.
_____________________________________________________________

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message