SEARCH attack

To: <debian-isp@lists.debian.org>
Subject: SEARCH attack
From: "Robert Cates" <robert@kormar.de>
Date: Mon, 7 Jun 2004 11:42:53 +0200
Message-id: <[🔎] 003601c44c73$ced370d0$0d01a8c0@kormar.net>
Reply-to: "Robert Cates" <robert@kormar.de>

Hi,

I hoping somebody can both fill me in on what this SEARCH is all about, and
what I can/should do to stop it:

Every so often I find a very long request in my Apache access logs that
seems to be an attempted SEARCH ("SEARCH /\x90\x02\xb1\x02\xb1\x02\ ...").

1).  Is this a security problem (on a Linux server)?

2).  If so, how can I stop this?  I tried to stop it using a <Limit SEARCH>,
but a configtest told me that "SEARCH" was an undefined or unknown method.
I placed the <Limit SEARCH> within the <Directory /> container as well as
out on it's own in the config file.

3).  Is this a Windows platform issue?

4).  If so, how can I stop these attempts from filling up my access logs.

All info is greatly appreciated!

Thanks,
Robert

Reply to:

Follow-Ups:
- Re: SEARCH attack
  - From: mimo <mimo@restoel.net>
- Re: SEARCH attack
  - From: "J.H.M. Dassen (Ray)" <fsmla@xinara.org>

Prev by Date: Re: [PHP] safe mode bug ?
Next by Date: Re: [PHP] safe mode bug ?
Previous by thread: Re: [PHP] safe mode bug ?
Next by thread: Re: SEARCH attack
Index(es):
- Date
- Thread