Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Re: Unusual entry in Apache logs

Re: Unusual entry in Apache logs

From: Jonathan Adams <keirre.adams_at_gmail.com>
Date: Thu, 29 May 2008 19:45:38 -0400

Neil,

 take a look at this:

http://www.honeynet.org/scans/scan31/sol/

On Thu, May 29, 2008 at 5:54 PM, Neil Dickey <neil_at_geol.niu.edu> wrote:
>
> I have of late seen a few entries such as this ...
>
> 125.224.192.192 - - [29/May/2008:09:15:34 -0500] "\x05\x01" 501 3100 "-" "-"
>
> ... in my Apache webserver logs. They are the only entry in
> the log for the particular source IP; that is, they don't
> represent an anomaly in an otherwise normal session. Such
> entries record the only contact made by the source IP.
>
> GOOGLE hasn't told me anything interesting; does anyone know
> what this is?
>
> Many thanks for any ideas.
>
> Best regards,
>
> Neil Dickey, Ph.D.
> email: neil_at_geol.niu.edu
> Research Associate/Sysop
> Geology Department
> Northern Illinois University
> DeKalb, Illinois, U.S.A.
> 60115
> 

-- 
___________________________
Jon Adams
web: http://www.scis.nova.edu/~jonaadam
mail: keirre.adams_at_gmail.com
---------------------------------------------
"Strength does not come from physical capacity. It comes from an
indomitable will." -
Mohandas Gandhi
Received on May 30 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]