Re: Questionable URL being sent to our server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

What is the HTTP method you see in the logs?

Either way, they may trying to use your server as an open proxy, and failing to do so.


On Tue, 1 Nov 2022 at 10:27, Darryl Philip Baker <darryl.baker@xxxxxxxxxxxxxxxx> wrote:

We are getting a poorly formed URL being requested from our servers. Apache is returning a 400 error but I am wondering if someone is try to exploit an issue with some version of some web server out there. Maybe a Dos attack or worse. Anyone have a clue what is being attempted?

 

Sketchy URL: https://www.northwestern.edu/accounting-scrvices/Annual%252ORepothtm

 

Darryl Baker, GSEC, GCLD  (he/him/his)

Sr. System Administrator

Distributed Application Platform Services

Northwestern University

4th Floor

2020 Ridge Avenue

Evanston, IL  60208-0801

darryl.baker@xxxxxxxxxxxxxxxx

(847) 467-6674

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux