[mod-security-users] Strange Logs
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] Strange Logs
|
From: Christian M. <cma...@is...> - 2005-06-28 15:35:25
|
Hi i was trying some logs for the modsecurity Console, and i found these=20 entries (generated by Nikto): Why there is not Modsecurity_message? Why there is no Action? Why sometimes the Handler is proxy-server, and others null? Any ideas? Btw im using a modsecurity 1.9 Dev2. + mod_proxy. Thanks in advance Christian =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Request: 10.10.0.XXX - - [28/Jun/2005:17:11:31 +0200] "GET=20 /..\\..\\..\\..\\..\\..\\temp\\temp.class HTTP/1.0" 403 32 Handler: proxy-server ---------------------------------------- GET /..\\..\\..\\..\\..\\..\\temp\\temp.class HTTP/1.0 Content-Length: 0 User-Agent: Mozilla/4.75 (Nikto/1.34 ) Host: www.myhost.com Max-Forwards: 10 X-Forwarded-For: 10.10.0.XXX X-Forwarded-Host: www.myhost.com X-Forwarded-Server: www.myhost.com 0 HTTP/1.0 403 Forbidden Content-Type: text/html; charset=3DUTF-8 Content-Length: 32 Connection: close =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Request: 10.10.0.xxx - - [28/Jun/2005:17:11:30 +0200] "GET=20 /../webserver.ini HTTP/1.0" 400 302 Handler: (null) ---------------------------------------- GET /../webserver.ini HTTP/1.0 Connection: Keep-Alive Content-Length: 0 User-Agent: Mozilla/4.75 (Nikto/1.34 ) Host: www.myhost.com 28 [POST payload not available] HTTP/1.0 400 Bad Request Content-Length: 302 Connection: close Content-Type: text/html; charset=3Diso-8859-1 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Request: 10.10.0.xxx - - [28/Jun/2005:17:11:30 +0200] "GET=20 /../config.dat HTTP/1.0" 400 302 Handler: (null) ---------------------------------------- GET /../config.dat HTTP/1.0 Connection: Keep-Alive Content-Length: 0 User-Agent: Mozilla/4.75 (Nikto/1.34 ) Host: www.myhost.com 28 [POST payload not available] HTTP/1.0 400 Bad Request Content-Length: 302 Connection: close Content-Type: text/html; charset=3Diso-8859-1 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --=20 ______________________________ Christian Martorella e-Security Engineer cma...@is... Internet Security Auditors, S.L. c. Santander, 101. Edif. A. 2=BA 1=AA. 08030 Barcelona Tel: 93 305 13 18 Fax: 93 278 22 48 www.isecauditors.com ____________________________________ Este mensaje y los documentos que, en su caso lleve anexos, pueden contener informaci=F3n confidencial. Por ello, se informa a quien lo reciba por error que la informaci=F3n contenida en el mismo es reservada y su uso no autorizado est=E1 prohibido legalmente, por lo que en tal caso le rogamos que nos lo comunique por la misma v=EDa o por tel=E9fono (93 305 13 18), se abstenga de realizar copias del mensaje o remitirlo o entregarlo a otra persona y proceda a borrarlo de inmediato. En cumplimiento de la Ley Org=E1nica 15/1999 de 13 de diciembre de protecci=F3n de datos de car=E1cter personal, Internet Security Auditors S.L., le informa de que sus datos personales se han incluido en ficheros informatizados titularidad de Internet Security Auditors S.L., que ser=E1 el =FAnico destinatario de dichos datos, y cuya finalida= d exclusiva es la gesti=F3n de clientes y acciones de comunicaci=F3n comercial, y de que tiene la posibilidad de ejercer los derechos de acceso, rectificaci=F3n, cancelaci=F3n y oposici=F3n previstos en la ley mediante carta dirigida a Internet Security Auditors, c. Santander, 101. Edif. A. 2=BA 1=AA, 08030 Barcelona, o v=EDa e-mail a la siguiente direcci=F3n de correo: le...@is... |
