[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Re: cobalt-security digest, Vol 1 #807 - 17 msgs
- Subject: [cobalt-security] Re: cobalt-security digest, Vol 1 #807 - 17 msgs
- From: Jürgen Rohrbach <juergen.rohrbach@xxxxxxxxxx>
- Date: Thu, 20 Jun 2002 17:29:26 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> Message: 4
> Date: Thu, 20 Jun 2002 01:24:25 -0500
> To: cobalt-security@xxxxxxxxxxxxxxx
> From: David Lucas <david@xxxxxxxxxxxxxxxx>
> Subject: Re: [cobalt-security] misterious logitems
> Reply-To: cobalt-security@xxxxxxxxxxxxxxx
>
> At 01:08 AM 6/20/2002, you wrote:
>> hello,
>>
>> in on of my site log files the following logentry appears many many times.
>>
>>
>> www.domain.de 218.29.70.241 - - [20/Jun/2002:08:18:39 +0200] "GET
>> http://www.domain.de/cobalt_error/forbidden.html HTTP/1.0" 200 653
>> "http://www.18xm.com" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
>>
>>
>> Is there a security problem with my box?
>>
>> Why is the complete url "http://www.domain.de...." listed in the get field?
>> Normal requests just list the relative path of the url?
>>
>> How can i stop responding to such requests?
>
>
> Turn off your server.
> We can't do much about all the nimda and code red virus' either. They just
> make log entries.
>
hello david,
are your sure that this logentry is produced because of the nimda or code
red virus?
thanks,
juergen