apache webserver secuity questions

Discussion in 'other security issues & news' started by maes, Jul 28, 2003.

Thread Status:
Not open for further replies.
  1. maes

    maes Registered Member

    Joined:
    Jul 16, 2003
    Posts:
    19
    I'm running an apache webserver just for fun and to improve my knowledge about those thing and I have a few questions:

    this is a regular line from a log:
    xxx.xxx.xxx.xxx - - [28/Jul/2003:14:36:47 +0200] "GET /maes.jpg HTTP/1.1" 200 3808

    I know what GET and POSTS means, but In my logs apear others also:
    HEAD
    SEARCH
    CONNECT
    OPTIONS
    examples:


    According to the errorcode that was returned:
    HEAD and OPTIONS was accepted
    SEARCH is not implemented
    CONNECT is not allowed.
    Should I be worried about the HEAD and the OPTIONS?
    how do people generate these messages? And what kind of info does the other party get?

    This is an other GET message:


    As far as I know, I'm not mirroring yahoo, so why does someone want to get he yahoo page through my server. Is there someting I can do about it?

    BTW, here's another CONNECT message: look at the IP, and portnumber (I didn't do this, this came directly from my log)

    the IP were it came from was registerd to :

    So I think he spoofed it

    --Maes
     
Loading...
Thread Status:
Not open for further replies.