FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 11-22-2011, 09:48 PM
Knute Johnson
 
Default Logwatch apache question?

I have a lot more of the following in my daily log. Any idea what
exactly the known hack attempt was?


> Attempts to use known hacks by 197 hosts were logged 562 time(s) from:
> 71.198.234.91: 14 Time(s)
>
> 66.169.235.10: 10 Time(s)
>
> A total of 197 sites probed the server
> 108.201.92.73
> 108.23.234.43

Could this be what's causing it?

knute@knutejohnson:/var/log/apache2$ cat access.log | grep 71.198.234.91
lonejuniper.com:80 71.198.234.91 - - [20/Nov/2011:10:57:03 -0800] "GET
/tejon320.jpg HTTP/1.1" 200 8651
"http://www.medfordfuel.com/Interstate_5_California.htm" "Mozilla/5.0
(compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)"
lonejuniper.com:80 71.198.234.91 - - [20/Nov/2011:10:57:03 -0800] "GET
/alpaca320.jpg HTTP/1.1" 200 8237
"http://www.medfordfuel.com/Interstate_5_California.htm" "Mozilla/5.0
(compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)"
216.240.58.140:80 71.198.234.91 - - [20/Nov/2011:10:57:27 -0800] "-" 408
0 "-" "-"


Specifically the one with the 408 message?

Requests with error response codes
408 Request Timeout
null: 562 Time(s)

Is requesting a null page a hack?

Thanks,

--

Knute Johnson

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 04:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org