httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "plot.lost" <>
Subject [users@httpd] Do these log entries show someone trying to hack in?
Date Fri, 24 May 2013 13:26:40 GMT
I've been getting from error log entries about SNI and hostname are 
different, and in these cases the SNI used seems to be the correct 
hostname but with some extra data on the end, for example:

provided via SNI and hostname provided via HTTP are 

In this case the extra data was \xe0\xb0\xaf\xe2\xbf\xa8.\xe2\xa8\x80

but there have been a number of different sets of data, such as:







Does anyone have any idea as to what this might be for? Are there any 
known/possible exploits in Apache that this might be trying to use?

Server Version: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.1a 
running on Ubuntu

Thanks in advance for any hints/advice.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message