Special Forums Cybersecurity What are these events (from Proxy access logs)? Post 302993820 by bashomatic on Tuesday 14th of March 2017 05:11:24 PM
Old 03-14-2017
Correct me if I'm wrong but I'm thinking that those URLs do not contain the IP addresses of hosts accessing your proxy, but rather they are outbound POST requests FROM your 'clients' TO remote destinations.


This portion of the 2nd type URL you provided is typical of a 'folder' with a randomly generated name.
Code:
/IVmYwvJKhJFesFjK/

Folders like that are often used for legit purposes, but those URLs also resemble a Slowloris attack. In that sort of scenario, the path and resource are arbitrary and likely don't exist. The objective is to flood the server with a bunch of requests that won't time out, because the very end of the request header is crafted so it is purposely missing the full 0d 0a 0d 0a that the server expects.

Not really enough evidence to determine from your post.

EDIT: My first post on this forum and unfortunately, I NECROed. Sorry all.....

Last edited by bashomatic; 03-14-2017 at 06:14 PM.. Reason: Apologized for thread necro.
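
Added example, not part of bashomatic's post: one way a server or reverse proxy can apply the check described above, treating a request as complete only once the 0d 0a 0d 0a terminator has arrived and flagging connections that stay open past a deadline without it. The Conn class, the 10-second deadline, the 8 KiB header cap and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

HEADER_END = b"\r\n\r\n"   # the bytes 0d 0a 0d 0a that end an HTTP header block
HEADER_DEADLINE = 10.0     # assumed: seconds a client gets to finish its headers
MAX_HEADER_BYTES = 8192    # assumed: cap on buffered header bytes


@dataclass
class Conn:
    peer: str
    opened_at: float
    buf: bytearray = field(default_factory=bytearray)

    def feed(self, data: bytes) -> None:
        # Accumulate so a terminator split across two reads is still found.
        if not self.headers_complete():
            self.buf += data

    def headers_complete(self) -> bool:
        return HEADER_END in self.buf


def verdict(conn, now):
    """Classify one connection as 'ok', 'too_large', 'stalled' or 'pending'."""
    if conn.headers_complete():
        return "ok"
    if len(conn.buf) > MAX_HEADER_BYTES:
        return "too_large"      # headers keep growing without ever ending
    if now - conn.opened_at > HEADER_DEADLINE:
        return "stalled"        # deadline passed, blank line never arrived
    return "pending"


def stalled_by_peer(conns, now):
    """Count stalled connections per peer so one busy source stands out."""
    counts = {}
    for c in conns:
        if verdict(c, now) == "stalled":
            counts[c.peer] = counts.get(c.peer, 0) + 1
    return counts


def sample_conns():
    # Constructed sample data; 192.0.2.0/24 is documentation address space.
    head = b"POST /IVmYwvJKhJFesFjK/ HTTP/1.1\r\nHost: example.test\r\n"
    done = Conn("192.0.2.10", 0.0)
    done.feed(head + b"Content-Length: 0\r\n\r")
    done.feed(b"\n")                     # terminator completed by a later read
    open1, open2 = Conn("192.0.2.20", 0.0), Conn("192.0.2.20", 1.0)
    open1.feed(head)                     # header lines, but no blank line yet
    open2.feed(head + b"X-Pad: 1\r\n")
    return [done, open1, open2]
```

Connections reported as stalled are the ones to close and count toward a per-source limit; a completed request that merely has a random-looking path comes back as ok.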
 
