note on security paranoia [wasRe: [oclug]Apache Logs]
dmo at acm.org
Wed Oct 30 14:33:42 EST 2002
On Wed, Oct 30, 2002 at 02:12:47PM -0500, Shad Young wrote:
[ snip ]
> 1) Lack of consistency. Logger is often fooled by external protocols.
> 2) Lack of understanding of non Linux protocols. In your particular case, as
> I watch the flood of misinformation come in, the lack of understanding of MS
> FrontPage's .net extensions and other non Linux RPC get said protocols
> labeled as hack attempts.
Uh, no. Requests for
are the product of one of the recent worm attacks on IIS. There are many
infected boxes still out there spewing this attack around.
//\ dmo at acm dot org
More information about the OCLUG