Home page logo

basics logo Security Basics mailing list archives

dns-ish question.
From: Zep <zep () nemesis mmind net>
Date: Thu, 29 May 2003 22:23:50 -0400

        So I'm super paranoid guy and I always keep a pretty
close eye on my httpd logs... when I encounter this strange entry.
(or at least I think it's strange).  I get an entry that says :

name.domain.tld - - [28/May/2003:01:40:09 -0500] "OPTIONS * HTTP/1.0" 200 0

I'm guessing the entry itself implys the end person is poking around,
looking for misconfigurations, et al... but the strange part
to me is I can not  lookup name.domain.tld.   Is this some
sort of misguided... idea of security?    I could do a reverse
lookup to log, but...?   it seems very flakey to me.

I thought it was perhaps a misconfiguration for this particular site,
but today a friend of mine has a very similar sort of log entry, only 
with a doj.gov domain.   Any thoughts?
                                             - Zep
                                      (zep () nemesis mmind net)

Where are we going, and why am I in this handbasket?


  By Date           By Thread  

Current thread:
  • dns-ish question. Zep (May 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]