Re: [d-security] woody apache/ssl - security issue?
On Wed, Sep 25, 2002 at 03:18:02PM +0200, Tycho Fruru wrote:
> > The logfile entries you've shown are absolutely harmless, I use exactly
> > the same strings for testing if a webserver responses.
> hmm. To me they don't seem harmless. Looks more like you've been
> visited by a slapper worm (which leaves the same trails in your
The messages itself are absolutely harmless. Whatever brought down your
server did it at least not by using just these queries. They can be used
by a worm though - to quickly check which server version is displayed.
To check if the server is vulnerable to the slapper worm (i.e. the recent
OpenSSL vulnerability), visit: