[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

apache log entry

Hi All,

I found a strange entry hidden among all the IIS exploit attempts in my apache access log today: - - [07/Oct/2001:21:28:44 +1000] "GET HTTP/1.0" 200 756

Does anyone know if this is some sort of attack attempt? It doesn't seem to make any sense as a log entry as there is no leading '/' on the url portion and there is no corresponding error log entry saying that the file '' couldn't be found. I also find the fact that the client IP and the url are the same suspicious. I tried retrieving the same file myself using mozilla (http://webserver/ and it created a similar access entry but with a '/' at the start of the url and there was an error log entry generated. There was a peak in traffic from the server the day after this log entry which instigated the check. Any suggestions will be appreciated.

just being paranoid



Real coders celebrate Christmas at Halloween.

Reply to: