Re: Security Issues...


Subject: Re: Security Issues...
From: Brian Watson (bcwatso1@uiuc.edu)
Date: Mon Aug 13 2001 - 22:06:38 MDT


4.21.22.189 - - [12/Aug/2001:04:11:52 -0400] "GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$
24.182.1.195 - - [12/Aug/2001:04:27:09 -0400] "GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$
24.254.41.153 - - [12/Aug/2001:04:30:07 -0400] "GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$
24.12.7.35 - - [12/Aug/2001:04:35:02 -0400] "GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$
24.182.165.183 - - [12/Aug/2001:04:38:24 -0400] "GET
/default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX$
24.182.60.67 - - [12/Aug/2001:05:00:24 -0400] "GET

There are lots of entries like this from different IP addresses.

One had this... 63.236.92.153 - - [12/Aug/2001:17:58:47 -0400] "GET
/robots.txt HTTP/1.0" 404 275

A regular hit to the page looks like this:
130.126.28.63 - - [12/Aug/2001:18:55:11 -0400] "GET / HTTP/1.0" 200 868
130.126.28.63 - - [12/Aug/2001:18:55:11 -0400] "GET
/icons/apache_pb.gif HTTP/1.0" 200 2326
130.126.28.63 - - [12/Aug/2001:18:55:11 -0400] "GET /poweredby.png
HTTP/1.0" 200 1783
130.126.28.63 - - [12/Aug/2001:18:55:45 -0400] "GET / HTTP/1.0" 200 191

>On 8/13/01 8:55 PM, "Brian Watson" <bcwatso1@uiuc.edu> wrote:
>
>> I've noticed several people attempting to access my website, and not
>> by ordinary means. I've been examining my logs, and many, many
>> people are port sniffing me. How can I stop port sniffers? A friend
>> mentioned something about a robots.txt file, but I don't know if this
>> applies to YDL or not. Any help would be appreciated.
>
>Brian,
>
>The only way you can stop people from 'port scanning' you is by unplugging
>your computer from the internet.
>
>A robots.txt file will not stop port scanners, but it *may* stop well
>behaved web robots from indexing your websites - those are two very separate
>things.
>
>What are you actually seeing in your web logs? If you posted them, I'm
>fairly sure we may be able to see what's going on.
>--
>Darron
>darron@froese.org
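
Added example, not part of the original post: one way to sort an Apache access log like the excerpt above into padded `/default.ida` requests, `robots.txt` fetches and ordinary hits, and to count the distinct source hosts for each. The sample lines, the label names and the 32-character padding threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Apache Common Log Format. Only the host and the start of the request are
# required, so lines cut off by a pager (as in the excerpt above) still parse.
CLF = re.compile(r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)')

def longest_run(text):
    """Length of the longest run of one repeated character in text."""
    return max((len(m.group(0)) for m in re.finditer(r"(.)\1*", text)), default=0)

def classify(line, pad_threshold=32):
    """Return (host, label) for one access-log line, or None if unparseable."""
    m = CLF.match(line)
    if not m:
        return None
    parts = m.group("request").split()
    if len(parts) < 2:
        return m.group("host"), "malformed"
    path, _, query = parts[1].partition("?")
    if path.lower().endswith(".ida") and longest_run(query) >= pad_threshold:
        label = "padded-ida-probe"   # long filler in the query string
    elif path == "/robots.txt":
        label = "robots-txt"         # a crawler asking for indexing rules
    else:
        label = "normal"
    return m.group("host"), label

def summarize(lines):
    """Map each label to the sorted list of distinct source hosts."""
    hosts = defaultdict(set)
    for line in lines:
        result = classify(line)
        if result:
            hosts[result[1]].add(result[0])
    return {label: sorted(h) for label, h in hosts.items()}

# Constructed sample lines (documentation IP ranges, not the hosts in the post).
SAMPLE = [
    '192.0.2.10 - - [12/Aug/2001:04:11:52 -0400] "GET /default.ida?' + "X" * 60,
    '198.51.100.7 - - [12/Aug/2001:04:27:09 -0400] "GET /default.ida?'
    + "X" * 224 + ' HTTP/1.0" 404 276',
    '203.0.113.5 - - [12/Aug/2001:17:58:47 -0400] "GET /robots.txt HTTP/1.0" 404 275',
    '203.0.113.9 - - [12/Aug/2001:18:55:11 -0400] "GET / HTTP/1.0" 200 868',
    "not a log line",
]

if __name__ == "__main__":
    for label, found in summarize(SAMPLE).items():
        print(f"{label}: {len(found)} host(s): {', '.join(found)}")
```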


