[users@httpd] CONNECT queries different in 2.0 and 1.3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I noticed something odd in my logs this morning. Someone tried sending this request to one of my servers:

CONNECT xx.xx.xx.xx:25 HTTP/1.0

The server returned a 302, with a Location: of http://127.0.0.1, which I verified by telnetting to port 80 and trying it myself. This particular server is Apache 2.0.58, with the following modules loaded:

mod_log_config.so
mod_mime.so
mod_negotiation.so
mod_status.so
mod_include.so
mod_dir.so
mod_cgi.so
mod_alias.so
mod_rewrite.so
mod_access.so
mod_auth.so
mod_headers.so
mod_setenvif.so
mod_geoip.so
mod_watch.so
libphp5.so

I tried the same query via telnet to my other server, which is running 1.3.34 with these modules:

mod_env.so
mod_log_config.so
mod_mime.so
mod_negotiation.so
mod_status.so
mod_include.so
mod_dir.so
mod_cgi.so
mod_asis.so
mod_imap.so
mod_actions.so
mod_alias.so
mod_rewrite.so
mod_access.so
mod_auth.so
mod_headers.so
mod_setenvif.so
mod_watch.so
mod_gzip.so
libphp5.so
mod_geoip.so

When I tried the same request, it returned a 200 and the contents of the server's default index page.

I should add that both servers are configured essentially the same, except for the necessary differences between 2.0 and 1.3. I don't see any config options that would specify what to do with CONNECT requests, nor should there be any rewrite rules that would redirect traffic to localhost.

I'm not particularly concerned about this - I assume they were trying to use a proxy server to relay spam, and since I'm not running a proxy, it didn't work - but it piques my interest. What caused the 2.0 server to respond differently than 1.3? Is it a module, or built-in behavior? Thanks for any input you can provide.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux