httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Bowen <rbo...@rcbowen.com>
Subject Re: [users@httpd] Are some people snooping around?
Date Wed, 16 Nov 2005 20:27:42 GMT
Oil Pine wrote:
> Reviewing the httpd access log, I found the following entries:
> 
> 69.209.112.92 - - [16/Nov/2005:09:06:46 -0600] "GET / HTTP/1.0" 200 589
> "-" "-"
> 69.209.184.151 - - [16/Nov/2005:06:38:42 -0600] "GET / HTTP/1.0" 200 589 "-" "-"
> 69.209.184.151 - - [16/Nov/2005:02:39:10 -0600] "GET / HTTP/1.0" 200 589 "-" "-"
> 69.209.79.247 - - [16/Nov/2005:02:04:21 -0600] "GET / HTTP/1.0" 200 589 "-" "-"
> 
> The first two numbers are the same as those of my dynamic IP address, so I assume they
are either the customers of my ISP (SBCglobal.net) or the ISP itself. 
> 
> Before I set my server to deny access to these numbers, I would like to know what they
are trying to do. I will appreciate any suggestion you may have.

They're looking at your website. Presumably that's why you have a
website - so that people can look at it. ;-)

They did a "GET /" which means they loaded your homepage. They were
successful (200) and retrieved the page, which appears to be 589 bytes.
They went directly to the site (no referrer) and are not reporting a
user agend string. That's not unusual or suspect.

It's *possible* that they are up to no good, but these log entries don't
support that conclusion.

-- 
Rich Bowen
rbowen@rcbowen.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message