Hi All:I've been getting a lot of hits on my server lately that look like they might be some kind of exploit. Could someone be probing to see if my server will proxy? Could it BE proxying without my knowledge? The resukt code of 200 is disturbing.
The log entries look like these (and there are lots of them): Thanks for any tips or help... Gene81.215.250.249 - - [24/Nov/2005:08:44:36 -0600] "GET / HTTP/1.1" 200 190 "http://foto-porno-amatoriale.com"; "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; .NET CLR 1.0.2914)" 219.146.214.57 - - [24/Nov/2005:08:44:43 -0600] "GET / HTTP/1.1" 200 190 "http://hosting-siti-adulti.com"; "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; .NET CLR 1.0.2914)" 218.244.31.242 - - [24/Nov/2005:08:45:29 -0600] "GET / HTTP/1.0" 200 190 "http://foto-porno-amatoriale.com"; "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; .NET CLR 1.0.2914)" 85.98.104.235 - - [24/Nov/2005:08:45:33 -0600] "GET / HTTP/1.1" 200 190 "http://puttane-grandi-tette.com"; "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; .NET CLR 1.0.2914)" 85.104.130.61 - - [24/Nov/2005:08:46:23 -0600] "GET / HTTP/1.1" 200 190 "http://amatoriali.biz"; "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; .NET CLR 1.0.2914)"
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|