From owner-freebsd-questions@FreeBSD.ORG  Fri Jan 14 17:34:26 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0491F16A4CE
	for <freebsd-questions@freebsd.org>;
	Fri, 14 Jan 2005 17:34:26 +0000 (GMT)
Received: from t-x.dignus.nl (t-x.dignus.nl [83.219.88.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A5D5E43D2D
	for <freebsd-questions@freebsd.org>;
	Fri, 14 Jan 2005 17:34:25 +0000 (GMT)
	(envelope-from colin@kenmore.kozy-kabin.nl)
Received: from localhost (localhost.dignus.nl [127.0.0.1])
	by t-x.dignus.nl (Safehouse) with ESMTP id 7FB29285F3;
	Fri, 14 Jan 2005 18:34:41 +0100 (CET)
Received: from kenmore.kozy-kabin.nl (cjr-home [62.251.72.148])
	by t-x.dignus.nl (Safehouse) with ESMTP id 7F26D2864F;
	Fri, 14 Jan 2005 17:18:25 +0100 (CET)
Received: from kenmore.kozy-kabin.nl (localhost.kozy-kabin.nl [127.0.0.1])
	by kenmore.kozy-kabin.nl (Postfix) with ESMTP id D29EA6230;
	Fri, 14 Jan 2005 17:18:08 +0100 (CET)
Received: from localhost (colin@localhost)j0EGHwIe058734;
	Fri, 14 Jan 2005 17:18:08 +0100 (CET)
	(envelope-from colin@kenmore.kozy-kabin.nl)
Date: Fri, 14 Jan 2005 17:17:58 +0100
From: "Colin J. Raven" <colin@kenmore.kozy-kabin.nl>
To: Andy Firman <andy@firman.us>
In-Reply-To: <20050114160030.GB9164@akroteq.com>
Message-ID: <20050114171450.Q802@kenmore.kozy-kabin.nl>
References: <20050114140441.G802@kenmore.kozy-kabin.nl>
	<20050114160030.GB9164@akroteq.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by RemSPAMd at ph230.plushosting.nl
cc: freebsd-questions@freebsd.org
Subject: Re: Odd (alarming) http log exerpt
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jan 2005 17:34:26 -0000

On Jan 14 at 07:00, Andy Firman wrote:

> On Fri, Jan 14, 2005 at 02:08:20PM +0100, Colin J. Raven wrote:
>> What is this person doing? or attempting to do? I'm guessing nothing
>> good.
>>   Is there anything within...say httpd.conf..that I could do to prevent
>> this..or curtail it before it grows to such an enormous size.
>
> Looks like a WebDAV exploit.  You can run conditional logging in
> your apache server to ignore it.

OK, thank you very much for the information. I'm RTFM'ing now to see 
what WebDAV is and what conditional logging possibilities there are.

Regards,
-Colin