>> That is the source IP address, which is required for routing replies >> (including those during the "connect" flow) back to the client, so I don't >> see how this can be 0 simply because of something the client is doing >> (other >> than triggering some sort of bug on the server side, of course). >> > scanning for an open proxy, the :: would grab the ip address and the proxy > would then be in it's use to route content that may not be legitimately sent > to the destination. or content that it is criminal to even possess. [ child > porn jumps to mind for an example. ] > I suspect that the client is a bot doing a scan for an open proxy, one > handing the :: out for that purpose. or, since it causes the 100% cpu load, > it's the beginnings of a new ddos attack mechanism. we all may need to > explicitly deny unspecified ip addresses from server access right quick. Do you have any theories about the moon landing? -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|