Date: Thu, 14 Jun 2001 15:09:24 +0200 From: Neil Fryer <neilf@mip.co.za> To: "default013 - subscriptions" <default013subscriptions@hotmail.com>, "default013 - subscriptions" <default013subscriptions@hotmail.com>, <freebsd-security@FreeBSD.ORG> Subject: Re: apache security question Message-ID: <0106141510371Q.00481@xyberpix.mip.co.za> In-Reply-To: <OE44ezf9CIElR3n4DVv00010e9b@hotmail.com> References: <OE44ezf9CIElR3n4DVv00010e9b@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
'ello Ok, afaik, this command could quite easily be run by telnetting into port 80 on your webserver, as you'll have this open anyway on your fw to allow web traffic, as for your other question, sorry can't help. Cheers Neil Fryer neilf@mip.co.za On Thu, 14 Jun 2001, default013 - subscriptions wrote: > Hello, I've been advised that someone is attempting to break into my box, > and I know that this person is knowledgeable so I've been watching for > unusual activity... > > I noticed this entry in one of my apache logfiles yesterday, and was > wondering if anyone could explain to me what this is: > > mydomainname.com otherguyshostname.com - - [12/Jun/2001:18:21:35 -0500] > "HEAD / HTTP/1.0" 200 0 "-" > > It appears to me like they somehow executed the 'head' command... how would > one do this, and how could you stop it? > > Thanks, Jordan > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- "Against stupidity, even the Gods struggle in vain." - Friedrich von Schiller To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0106141510371Q.00481>