On Tue, Aug 20, 2002 at 05:17:38PM -0400 or thereabouts, Ward William E DLDN wrote:
> Ok, I don't often NOT understand what I'm seeing in my Apache logs, but this
> is one of those times: (IPs removed to protect the innocent).
 
> 
> adsl212-115.advancedsl.com.ar - - [15/Aug/2002:19:54:58 -0400] "GET
> http://cpcug.org/scripts/env.cgi HTTP/1.0" 404 275 "-" "Mozilla/3.0
> (compatible)"
 
> was an attempt to use my proxy to redirect an attack at CPCUG.org?  If so,
> since this is in the ACCESS log and this

Yes, and no: he is trying to get to see, through you, if cpcug.org has an
environmental cgi script, as it will tell him all of the environmental
variables that cpcug.org has.  It definitely is the start of something.

> [Thu Aug 15 19:54:58 2002] [error] [client 200.51.212.115] File does not
> exist: /var/www/html/scripts/env.cgi
> 
> was in my error log, am I safe in assuming he did NOT succeed?  Or should I
> look more closely at this?

Check your cgi scripts, and while you are at it, also be watchful that
you do not have a formmail cgi, as older versions had gaping holes to
allow spammers to utilize this, even if you have otherwise shut down
mail relay.
 

-- 
Best regards,
Gary   
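
Added example, not part of the original thread: a Python check that pairs the two kinds of log entry quoted above. It flags access-log requests whose request line names a foreign host, then looks for an error-log "File does not exist" entry at the same second for the same path, which indicates Apache looked the path up under its own document root. `LOCAL_HOSTS` and every sample line except the two taken from the post are assumptions constructed for illustration.

```python
import re
from datetime import datetime
from urllib.parse import urlsplit

LOCAL_HOSTS = {"www.example.org"}  # assumption: the names this server answers for

# Access log (common/combined): client, [time], "METHOD target ...", status
ACCESS_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([A-Z]+) (\S+)[^"]*" (\d{3}) ')
# Apache 1.3/2.0 style error log entry for a missing file
ERROR_RE = re.compile(r'^\[([^\]]+)\] \[error\] \[client (\S+)\] File does not exist: (\S+)')

def local_misses(error_lines):
    """Return (timestamp, filesystem path) for each 'File does not exist' entry."""
    found = []
    for line in error_lines:
        m = ERROR_RE.match(line)
        if m:
            found.append((datetime.strptime(m[1], "%a %b %d %H:%M:%S %Y"), m[3]))
    return found

def proxy_probes(access_lines, error_lines, local_hosts=LOCAL_HOSTS):
    """List requests that name a foreign host and say whether they were handled locally."""
    misses, hits = local_misses(error_lines), []
    for line in access_lines:
        m = ACCESS_RE.match(line)
        if not m or "://" not in m[4]:
            continue  # unparsable line, or an ordinary request such as GET /index.html
        url = urlsplit(m[4])
        host = (url.hostname or "").lower()
        if host in local_hosts:
            continue  # absolute URI that points at this server
        # The error log records local wall-clock time, so drop the UTC offset.
        ts = datetime.strptime(m[2], "%d/%b/%Y:%H:%M:%S %z").replace(tzinfo=None)
        local = any(t == ts and len(url.path) > 1 and p.endswith(url.path)
                    for t, p in misses)
        hits.append({"client": m[1], "foreign_host": host, "status": int(m[5]),
                     "handled_locally": local})
    return hits

SAMPLE_ACCESS = [  # first line is the entry from the post, re-joined; the rest are constructed
    'adsl212-115.advancedsl.com.ar - - [15/Aug/2002:19:54:58 -0400] "GET http://cpcug.org/scripts/env.cgi HTTP/1.0" 404 275 "-" "Mozilla/3.0 (compatible)"',
    '192.0.2.77 - - [15/Aug/2002:20:03:11 -0400] "GET http://mail.example.net/ HTTP/1.0" 200 1043 "-" "-"',
    '192.0.2.10 - - [15/Aug/2002:20:04:00 -0400] "GET /index.html HTTP/1.0" 200 512 "-" "-"',
]
SAMPLE_ERROR = [  # the entry from the post
    '[Thu Aug 15 19:54:58 2002] [error] [client 200.51.212.115] File does not exist: /var/www/html/scripts/env.cgi',
]

if __name__ == "__main__":
    for hit in proxy_probes(SAMPLE_ACCESS, SAMPLE_ERROR):
        print(hit)
```

An entry with `handled_locally` false is not proof of relaying; it only means the error log does not account for the request, so the proxy configuration is the next thing to check.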


