Re: logs de apache

To: es-debian <debian-user-spanish@lists.debian.org>
Subject: Re: logs de apache
From: "Ricardo Frydman Eureka!" <ricardoeureka@gmail.com>
Date: Tue, 28 Feb 2006 11:03:48 -0300
Message-id: <[🔎] 44045844.5090500@gmail.com>
Reply-to: ricardoeureka@gmail.com
In-reply-to: <[🔎] 20060226210308.40fcbc12.rianechba@yahoo.es>
References: <[🔎] 20060223105703.aee5ddfc.rianechba@yahoo.es> <[🔎] 43FDC6CF.7010507@gmail.com> <[🔎] 20060226210308.40fcbc12.rianechba@yahoo.es>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

rancho wrote:
> On Thu, 23 Feb 2006 11:29:35 -0300
> "Ricardo Frydman Eureka!" <ricardoeureka@gmail.com> wrote:
> 
> 
> rancho wrote:
> 
>>como entiendo estos logs del apache.  " La PC NO DA NINGUN SERVICIO AL EXTERIOR"
> 
>>#tail /var/log/apache2/access.log
> 
>>la red esta compuesta por dos pc el server (GW) da servicios de web al cliente solamente ( 192.168.1.1), nfs bla bla bla y salida a la wed. de ahi el promer log
> 
>>192.168.1.1 - - [23/Feb/2006:08:00:05 -0300] "GET /manual/vhosts/ip-based.html HTTP/1.1" 200 9798 "http://192.168.1.10/manual/vhosts/"; "Mozilla/5.0 (X11; U; Linux ppc; es-AR; rv:1.7.12) Gecko/20051010 Firefox/1.0.7 (Ubuntu package 1.0.7)
>>61.141.184.76 - - [23/Feb/2006:08:02:24 -0300] "CONNECT smtp.mail.yahoo.com.cn:25 HTTP/1.0" 302 389 "-" "-"
>>219.134.178.105 - - [23/Feb/2006:08:02:32 -0300] "CONNECT cm1.hinet.net:25 HTTP/1.0" 302 371 "-" "-"
>>219.134.232.197 - - [23/Feb/2006:08:06:04 -0300] "CONNECT ms94.url.com.tw:25 HTTP/1.0" 302 375 "-" "-"
>>219.134.73.2 - - [23/Feb/2006:08:07:40 -0300] "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 302 383 "-" "-"
>>219.133.247.12 - - [23/Feb/2006:09:09:17 -0300] "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 302 383 "-" "-"
>>220.163.54.104 - - [23/Feb/2006:09:24:33 -0300] "OPTIONS / HTTP/1.1" 302 370 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
> 
> 
> La primera parte "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" intentan usar
> tu apache para hacer spam.
> 
> 
>> Suponia que habia algo de eso,
>> Por donde empiezo a investigar para evitar (con exito) estos casos.

http://www.google.com.ar/search?hs=uk8&hl=es&client=firefox&rls=org.mozilla%3Aes-AR%3Aunofficial&q=spam+in+apache&btnG=B%C3%BAsqueda&meta=
Resultados 1 - 10 de aproximadamente 22.700.000 de spam in apache. (0,16
segundos)

/Lee/ acerca de configuraciones de Apache y su relacion con la seguridad.
- --
Ricardo A.Frydman
Consultor en Tecnología Open Source - Administrador de Sistemas
jabber: ricardoeureka@gmail.com - http://www.eureka-linux.com.ar
SIP # 1-747-667-9534
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFEBFhDkw12RhFuGy4RAv9eAKCLWEDjtSxVZ+cEZ5XdfhWRVoPIUwCcCObP
NxDbJYoWVQIrAsmlh9GMNkQ=
=DW0X
-----END PGP SIGNATURE-----

Reply to:

References:
- logs de apache
  - From: rancho <rianechba@yahoo.es>
- Re: logs de apache
  - From: "Ricardo Frydman Eureka!" <ricardoeureka@gmail.com>
- Re: logs de apache
  - From: rancho <rianechba@yahoo.es>

Prev by Date: Re: ¿Cómo ejecuto aplicaciones a travez de SSH
Next by Date: Re: sshd sobre xinetd, � o no?
Previous by thread: Re: logs de apache
Next by thread: Re: logs de apache
Index(es):
- Date
- Thread