apache webserver secuity questions

Discussion in 'other security issues & news' started by maes, Jul 28, 2003.

Thread Status:
Not open for further replies.
  1. maes

    maes Registered Member

    Joined:
    Jul 16, 2003
    Posts:
    19
    I'm running an apache webserver just for fun and to improve my knowledge about those thing and I have a few questions:

    this is a regular line from a log:
    xxx.xxx.xxx.xxx - - [28/Jul/2003:14:36:47 +0200] "GET /maes.jpg HTTP/1.1" 200 3808

    I know what GET and POSTS means, but In my logs apear others also:
    HEAD
    SEARCH
    CONNECT
    OPTIONS
    examples:


    According to the errorcode that was returned:
    HEAD and OPTIONS was accepted
    SEARCH is not implemented
    CONNECT is not allowed.
    Should I be worried about the HEAD and the OPTIONS?
    how do people generate these messages? And what kind of info does the other party get?

    This is an other GET message:


    As far as I know, I'm not mirroring yahoo, so why does someone want to get he yahoo page through my server. Is there someting I can do about it?

    BTW, here's another CONNECT message: look at the IP, and portnumber (I didn't do this, this came directly from my log)

    the IP were it came from was registerd to :

    So I think he spoofed it

    --Maes
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.