What are these events (from Proxy access logs)? Post 302993820 by bashomatic on Tuesday 14th of March 2017 05:11:24 PM
Correct me if I'm wrong but I'm thinking that those URLs do not contain the IP addresses of hosts accessing your proxy, but rather they are outbound POST requests FROM your 'clients' TO remote destinations.


This portion of the 2nd type URL you provided is typical of a 'folder' with a randomly generated name.
Code:
/IVmYwvJKhJFesFjK/

Folders like that are often used for legit purposes but those URLs also resemble a Slowloris attack. In that sort of scenario, the path and resource are arbitrary and likely don't exist. The objective is to flood the server with a bunch of requests that won't time out, because the very end of the request header is crafted so it is purposely missing the full 0d 0a 0d 0a that the server expects.

Not really enough evidence to determine from your post.

EDIT: My first post on this forum and unfortunately, I NECROed. Sorry all.....

Last edited by bashomatic; 03-14-2017 at 06:14 PM.. Reason: Apologized for thread necro.
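
A defender-side check for the pattern described in the post above, as an added example that is not part of the original thread: it flags clients holding several connections open whose request headers never reach the terminating 0d 0a 0d 0a. The per-connection records, addresses, hostnames and thresholds are constructed assumptions; a real deployment would take this state from the server or a packet capture, since access logs are normally written only after a request completes.

```python
from collections import Counter

# CRLF CRLF: the "0d 0a 0d 0a" sequence that ends an HTTP request header.
HEADER_END = b"\x0d\x0a\x0d\x0a"

# Constructed sample data: (client_ip, seconds_open, bytes_received_so_far).
SAMPLE_CONNECTIONS = [
    ("192.0.2.10", 2,
     b"POST /IVmYwvJKhJFesFjK/ HTTP/1.1\r\nHost: example.test\r\n"
     b"Content-Length: 0\r\n\r\n"),                       # complete header
    ("198.51.100.7", 95,
     b"POST /a HTTP/1.1\r\nHost: example.test\r\nX-a: 1\r\n"),
    ("198.51.100.7", 120,
     b"POST /b HTTP/1.1\r\nHost: example.test\r\nX-a: 1\r\nX-b: 2\r\n"),
    ("198.51.100.7", 110,
     b"POST /c HTTP/1.1\r\nHost: example.test\r\n"),
    ("203.0.113.5", 1,
     b"GET / HTTP/1.1\r\nHost: example.test\r\n"),         # young, still arriving
]


def headers_complete(buf: bytes) -> bool:
    """True once the blank line that ends the request header has arrived."""
    return HEADER_END in buf


def stalled_clients(connections, max_header_seconds=30, min_connections=3):
    """Return {client_ip: count} for clients with many old, unterminated headers.

    max_header_seconds and min_connections are illustrative thresholds
    (assumptions), to be tuned against normal traffic for the site.
    """
    stalled = Counter()
    for ip, age, buf in connections:
        # A slow but legitimate client finishes its header quickly; only
        # connections that are both old and still unterminated are counted.
        if not headers_complete(buf) and age > max_header_seconds:
            stalled[ip] += 1
    return {ip: n for ip, n in stalled.items() if n >= min_connections}


if __name__ == "__main__":
    for ip, count in stalled_clients(SAMPLE_CONNECTIONS).items():
        print(f"{ip}: {count} connections with unterminated headers")
```

Servers and proxies enforce the same idea with a header read timeout and a per-client connection limit, so a header that never completes gets its connection closed.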
 
