Linux Today: Linux News On Internet Time.

Security Portal: Ask Buffy - Strange Entries in Apache Log and Port Sniffers

Mar 01, 2001, 23:56 (0 Talkback[s])
(Other stories by Buffy)

"Lately I have seen some weird and funky entries in my Apache access_log and /var/log/messages.

One of them is this entry: - - [27/Feb/2001:13:11:00
        +0100] "GET /index.htm%20XCVC/7.0 HTTP/1.1"
        404 311
What is this string: %20XCVC/7.0? And was he scanning for some vulnerable Web server, or was it generated by some Web tool?..."

"I'm curious about a recent article I read in an English computer magazine about port sniffers. If a person using such a program found an open port on someone's machine, how could they access it? And how can I protect myself from such an attack?..."

Complete Story

Related Stories: