[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SEARCH attack


I have noticed the same here -- have a look at this

I liked the rewrite solution to throw it to ms... ;)


Robert Cates wrote:


I hoping somebody can both fill me in on what this SEARCH is all about, and
what I can/should do to stop it:

Every so often I find a very long request in my Apache access logs that
seems to be an attempted SEARCH ("SEARCH /\x90\x02\xb1\x02\xb1\x02\ ...").

1).  Is this a security problem (on a Linux server)?

2).  If so, how can I stop this?  I tried to stop it using a <Limit SEARCH>,
but a configtest told me that "SEARCH" was an undefined or unknown method.
I placed the <Limit SEARCH> within the <Directory /> container as well as
out on it's own in the config file.

3).  Is this a Windows platform issue?

4).  If so, how can I stop these attempts from filling up my access logs.

All info is greatly appreciated!


Please note that this account is being filtered using anti UCE systems. If you send email to this account make sure that it could not be mistaken as UCE.

Reply to: