From owner-freebsd-security Thu Jun 14 6: 8:17 2001 Delivered-To: freebsd-security@freebsd.org Received: from hotmail.com (oe44.law12.hotmail.com [64.4.18.16]) by hub.freebsd.org (Postfix) with ESMTP id 365B637B408 for ; Thu, 14 Jun 2001 06:08:13 -0700 (PDT) (envelope-from default013subscriptions@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 14 Jun 2001 06:08:12 -0700 X-Originating-IP: [24.14.93.185] Reply-To: "default013 - subscriptions" From: "default013 - subscriptions" To: Subject: apache security question Date: Thu, 14 Jun 2001 08:08:36 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Message-ID: X-OriginalArrivalTime: 14 Jun 2001 13:08:12.0735 (UTC) FILETIME=[11076CF0:01C0F4D3] Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I've been advised that someone is attempting to break into my box, and I know that this person is knowledgeable so I've been watching for unusual activity... I noticed this entry in one of my apache logfiles yesterday, and was wondering if anyone could explain to me what this is: mydomainname.com otherguyshostname.com - - [12/Jun/2001:18:21:35 -0500] "HEAD / HTTP/1.0" 200 0 "-" It appears to me like they somehow executed the 'head' command... how would one do this, and how could you stop it? Thanks, Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message