On 5/7/05, herbs <herbert.raimund@xxxxxxx> wrote: > Hi Admins, Gurus & Geeks, > > I am running a small server here in Warsaw just for my education material. Though its all selfmade I have just little experience with professionell webhosting. > > Recently I a found some suspicious lines in my log file: > > 218.17.72.226 - - [07/May/2005:09:17:03 +0200] "CONNECT 4.79.181.12:25 HTTP/1.1" 405 319 > 218.17.72.226 - - [07/May/2005:09:17:04 +0200] "GET http://www.ebay.com/ HTTP/1.1" 200 5039 > > Then there is no further activity from 218.17.72.226 in my logfile. > But similar attempts come from other IPs too. > > Error 405 means 'Method not allowed'. But Error 200 means 'OK'. My guess is that bad guys try to connect through my server and using my IP whats definitely not my desire.. > > Would make me sleep better if somebody can shed some light on this issue. > Is there a method to lock out certain IPs? > I tried /etc/hosts.deny but from outside I can still access Apache. I couldnt find anything about this issue in my Apache book. > What am I doing wrong? See: http://httpd.apache.org/docs/misc/FAQ.html#proxyscan Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|