hamper

Well-Known Member
Apr 28, 2006
85
0
156
Hello folks.. need a bit more help apparently. As I was trying to figure out whats going on with Exim, I found a few odd things in my error logs that I cannot figure out whats going and figured I'd ask some smart folks. <g>

This below was in my error log and have no idea wht is trying to be called and from where? Any ideas? or is it just garbage? or do I need to search for an exploit perhaps?
[Sat Nov 11 15:41:37 2006] [error] [client 220.110.169.34] Invalid method in request \\x16\\x03
[Sat Nov 11 15:46:42 2006] [error] [client 220.110.169.34] Invalid method in request \\x16\\x03
[Sat Nov 11 15:46:42 2006] [error] [client 220.110.169.34] Invalid method in request \\x16\\x03
[Sat Nov 11 15:46:42 2006] [error] [client 220.110.169.34] Invalid method in request \\x16\\x03
I found this also. I checked the htdocs folder and there is no "pub" dir so I have no idea where this is being called from either. Seeing as it's coming from 127.0.0.1 I'm concerned this might be an exploit.

[Sat Nov 11 19:31:39 2006] [error] [client 127.0.0.1] File does not exist: /usr/local/apache/htdocs/pub/CPAN/MIRRORING.FROM
[Sat Nov 11 19:31:39 2006] [error] [client 127.0.0.1] File does not exist: /usr/local/apache/htdocs/404.shtml
This I also found in error log and have no idea what program this is, any insight?
[Sat Nov 11 19:50:44 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
Thanks for any help as to what this stuff is or where or what I might need to look for.

TIA