Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

strange apache log entry
From: narga () gmx net
Date: Sat, 10 Aug 2002 18:50:15 +0200 (MEST)
Yesterday I saw this in my logs (apache 2.0.39 acces_log):
::1 - - [10/Aug/2002:00:25:56 +0200] "CONNECT :::2121 HTTP/1.1" 400 267
::1 - - [10/Aug/2002:00:33:31 +0200] "CONNECT :::2121 HTTP/1.1" 400 267

error_log:
[Sat Aug 10 00:25:56 2002] [error] [client ::1] request failed: error
reading the 
headers
[Sat Aug 10 00:33:31 2002] [error] [client ::1] request failed: error
reading the 
headers

It seems like someone wants to connect to my port 2121 through a proxy. The
strange 
thing is, that there isn't any ip. My firewall (SuSEfirewall, an ipchains
based 
firewall from suse), didn't log anything, snort didn't log anything too. I
wasn't 
able to reproduce this by sending the request manually to port 80.

My question: is this a bug in apache, or what else happened?

-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net

Attachment: "
Description: 

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]