The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[security] RFC2616 section 14.23

Discussion in 'Security' started by Radio_Head, May 15, 2003.

  1. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    when I execute

    # less /usr/local/apache/logs/error_log | grep RFC > attack.txt

    and then I read/analyze attack.txt
    I can found a lot of this line (probably you too on your box)

    [Tue Mar 25 05:16:00 2003] [error] [client 210.178.81.5] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23):

    and from several ips ..


    Are they all hackers which are searching for OpenSSL exploit
    (RFC2616 section 14.23) ? Am I right ?
    http://www.auscert.org.au/render.html?it=2409&cid=53

    I receive this kind of attack every 1 or 2 days from china , russia, romania ....
     
    #1 Radio_Head, May 15, 2003
    Last edited: May 15, 2003
  2. Radio_Head

    Radio_Head Well-Known Member

    Joined:
    Feb 15, 2002
    Messages:
    2,051
    Likes Received:
    1
    Trophy Points:
    38
    I have red on google groups that these are attempts to search proxies on my box ...
     
  3. fleksi

    fleksi Well-Known Member

    Joined:
    Sep 17, 2003
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    I have the same problem.
    Apache has failed and need to restart.
    Need your suggestion.

    -asc-
     

Share This Page