Re: Using http as mail spam engine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Nov 05, 2007 at 01:07:13PM -0700, Ashley M. Kirchner wrote:
>    I noticed these entries in my apache log today:
> 
>    60.250.66.175 - - [01/Nov/2007:04:41:01 -0600] "CONNECT 
> 218.32.192.11:25 HTTP/1.0" 200 12439 "-" "-"
>    60.250.66.175 - - [01/Nov/2007:04:41:04 -0600] "CONNECT 
> 61.31.198.50:25 HTTP/1.0" 200 12439 "-" "-"
>    60.250.66.175 - - [01/Nov/2007:04:43:28 -0600] "CONNECT 
> 60.249.125.71:25 HTTP/1.0" 200 12439 "-" "-"
>    159.148.97.91 - - [02/Nov/2007:22:01:40 -0600] "CONNECT 
> 195.175.37.70:8080 HTTP/1.0" 200 14301 "-" "-"
>    159.148.97.91 - - [02/Nov/2007:22:01:41 -0600] "CONNECT 
> 159.148.96.222:80 HTTP/1.0" 200 14301 "-" "-"
> 
>    And while the first two are specifically targeting port 25, the 
> other two aren't  But more importantly, how is this being done, and how 
> do I stop it?  Did I forgot to disable something within Apache somewhere?

You'll get a 200 response sent from such CONNECT requests if you have 
(e.g.) a PHP page handling the / page for your server.  That does not 
mean the server is allowing port forwarding!

By default, httpd will not allow CONNECT requests to remote servers.  If 
ProxyRequests is enabled, it will allow CONNECT requests to ports 443 
and 563 only.  (ProxyRequests should not be enabled unless the server is 
acting as a proxy server, of course!)

http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#allowconnect

joe




-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux