• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

[Apache2] What the heck happened here?

#1
(see attached part of the Apache2 httpd log)
What the heck happened here, that is what I want to know. I have never seen this loooong 'search' string. What did it search for, can it hurt, does it have consequenses (sp)?
BTW, I traced the IP back to a client who uses the same ISP as I use (Wanadoo Cable NL), so I can easily track the user down if necessary.
 

Attachments

vern

Dominus
Political User
#2
Maybe someone trying to do a buffer-overflow? If it didn't affect anything ... Your version is probably patched against it.
 

j79zlr

Glaanies script monkey
Political User
#3
vern said:
Maybe someone trying to do a buffer-overflow? If it didn't affect anything ... Your version is probably patched against it.
Agrees, also if you contact your/their ISP, they probably won't do anything unfortunately.
 
#5
Upgrade your Apache2 server to the latest version just in case. ;)

Also, try to configure the search program to limit the number of characters that can be used. So before Apache evaluates the search parameters fully (i.e. before it starts searching), it's already returning an error that the search string is too long. Or something like that. :p

Unless I misunderstood what "Search" does there. I'm thinking of a search program on your hosted site, like the Google and Altavista ones. Ya know. xD Oh well.
 

X-Istence

*
Political User
#7
It is a Sploit for IIS (I see it all the time on servers i admin). But like the others said, just update. And better be safe than sorry.
 
#8
Hehe, I should have said it's running on Windows XP ... :eek:
Anyway, it is the latest version (as of 3 weeks ago) and since it's an IIS exploit, I don't need to worry :D Thanks guys

(ps, please no flaming because I use XP+apache as a webserver, my freebsd server was broken, so I had to :))
 
#10
thekore said:
yeah fix the server :p
Almost, almost. Just got Samba3 running and I am ready to transfer the backups back to the server. Then all I have to do is import MySQL tables + data, reroute the internal IP, then I am all set :)
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,014
Latest member
sanoravies