Em 24-05-2013 10:26, plot.lost escreveu:
I've been getting from error log entries about SNI and hostname are different, and in these cases the SNI used seems to be the correct hostname but with some extra data on the end, for example:Hostname www.example.com\xe0\xb0\xaf\xe2\xbf\xa8.\xe2\xa8\x80 provided via SNI and hostname www.example.com provided via HTTP are differentIn this case the extra data was \xe0\xb0\xaf\xe2\xbf\xa8.\xe2\xa8\x80 but there have been a number of different sets of data, such as: A\xe8\x84\xb4A\xc9\xa0\xe0\xa8\xbe\xed\x9c\xbc\xd4\x80 \xdd\x98\xee\xbd\xa0\xe0\xaf\xb5\xcf\xb8 \xdd\x9a\xe2\xa4\x90\xe0\xaf\xb0\xcb\xb0 \xdd\xa0\xee\xbd\xa0\xe0\xaf\xb5\xcf\xb8 \xe0\xb0\xaf\xe2\xbf\xa8.\xe2\xa8\x80 \xe0\xb1\x82\xe6\xbb\x98\xdd\x99\xc4\x90Does anyone have any idea as to what this might be for? Are there any known/possible exploits in Apache that this might be trying to use?Server Version: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.1a running on UbuntuThanks in advance for any hints/advice. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|