Re: sniffing SSL (was OT: mod_ssl (apache) log entries -- wtf?)

To: debian-user@lists.debian.org
Subject: Re: sniffing SSL (was OT: mod_ssl (apache) log entries -- wtf?)
From: "Keith G. Murphy" <keithmur@mindspring.com>
Date: Thu, 27 Feb 2003 11:43:33 -0600
Message-id: <[🔎] 3E5E4E45.7060400@mindspring.com>
References: <[🔎] 20030220204559.GA62802@doorstop.net> <[🔎] 20030221060425.GD26848@mail.serensoft.com>

Will Trillich wrote:
 >
 > but the odd part is, they didn't just come in from the top
 > (first uri was not "/"). it reflects either a) the result of a
 > prior drill-down or 2) an exact echo of my previous request, but
 > somehow coming from outside in the internet.
 >
You may have already done this, but the first thing I would check is
whether some interface somewhere on your LAN is misconfigured and set up
as that "MIT" IP address.  It seems unlikely that it's really coming
from outside.

As far as it being an "echo": sometimes strange things can happen due to
   apache misconfiguration; like when the page references an image, but
due to proxying, redirection, mod-perl handling, etc., apache wants to
reload the page instead.  Check out those style sheet references from
the root, for example.

Hmmm, makes me think the Apache machine itself may have that address
configured somewhere...

Reply to:

References:
- sniffing SSL (was OT: mod_ssl (apache) log entries -- wtf?)
  - From: Vineet Kumar <debian-user@virtual.doorstop.net>
- Re: sniffing SSL (was OT: mod_ssl (apache) log entries -- wtf?)
  - From: Will Trillich <will@serensoft.com>

Prev by Date: Re: [OT] Complaint
Next by Date: Re: Performance hit: symlinks
Previous by thread: Re: sniffing SSL (was OT: mod_ssl (apache) log entries -- wtf?)
Next by thread: nslookup --- which package?
Index(es):
- Date
- Thread