Login or Register to Ask a Question and Join Our Community


Web Development

Apache log with long strings of Xs in GET request

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Web Development Apache log with long strings of Xs in GET request
# 1  
Old 08-13-2009
Apache log with long strings of Xs in GET request
Hi everybody,

I was looking at my apache2 log and I found GET requests as such:

Some ip - - [20/Jul/2007:09:50:48 +1000] "GET /login.htm?password=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXX HTTP/1.1" 404 327

or (without a GET request)

Some ip - - [20/Jul/2007:09:50:33 +1000] "very long string of Xs" 414 375

There were several others requests with even longer strings of X. What was the person trying to achieve?

Many thanks,

Dave
# 2  
Old 08-18-2009
They were hacking looking for buffer overflows, more that likely.
# 3  
Old 08-18-2009
Ah thanks Neo, I shall go and research on buffer overflows.
# 4  
Old 08-21-2009
Quote:
Originally Posted by z1dane
Ah thanks Neo, I shall go and research on buffer overflows.
When you see an IP address hacking like that, you might want to use ipchains (if on Linux) to block the offending IP.
# 5  
Old 08-21-2009
Quote:
Originally Posted by Neo
When you see an IP address hacking like that, you might want to use ipchains (if on Linux) to block the offending IP.
Ah awesome! The webserver is running on redhat, so shouldn't be a problem. I use denyhosts to block ssh attempts but didn't know about ipchains.

Thanks again Neo!
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Linux

Apache vhost - debug web request

Hello all, I have several vhost and not sure which vhost is serving the requests to my url http://www.mydomain.tld i have ssh access to the web server is there a way e.g curl to know exactly which vhost served the request. one of my friend suggested logs but i want to find another... (4 Replies)
Discussion started by: coolatt
4 Replies

2. OS X (Apple)

Web Request log

Hey all, I would like to track what applications are requesting access at the unix level. is there a log or a way to capture all network access requests? Not with applications. (1 Reply)
Discussion started by: Phorn
1 Replies

3. Web Development

Apache/2.2.15 custom error log

Hello, I've updated my apache access log to include the x-forward-for IP instead of my client(loadbalancer) ip. However, i can't seem to find a way to do the same for the error logs. Can someone please assist. Thank you. -K (0 Replies)
Discussion started by: kmaq7621
0 Replies

4. Shell Programming and Scripting

Grab data within a table in a long log file.

in my file which is a rather long log file it contains many text and tables and there is one table with 15 columns and I am interested to read in the value in column6 and its corresponding value in column2. Trouble is I do not know how to script it as the line number various between different log... (8 Replies)
Discussion started by: piynik
8 Replies

5. Cybersecurity

configure apache to accept request form specific IP

Hi, What should I change in the httpd.conf so that the apache will accept request from page from specific IP and deny all the rest IP. I am reading the document of the apache but it is very long (700 pages) and I searched but I could not find something about this. So if someone can explain... (0 Replies)
Discussion started by: programAngel
0 Replies

6. Web Development

Copy and forward apache http request

Hello, I am using apache 2.2 and I need to have certain http requests (those including example.com for instance) to be executed normally and forwarded to another server. With mod_rewrite, I could easily forward but then the input request would not be executed on my server. Right? Am I... (1 Reply)
Discussion started by: JCR
1 Replies

7. Web Development

how to wait after apache log rotation

My solaris server utilize the freeware savelog program to rotate apache logs. One server has become very busy and even after doing a graceful restart it continues to log to the saved gzip log file. Has anyone been able to come up with a way or script to issue a "wait" type command so that the... (2 Replies)
Discussion started by: csross
2 Replies

8. Solaris

Apache localhost-access.log

The localhost-access.log has a size 3gb. What can apache2 break log on the parts 300mb, or the other issue, make log every week and index it with prifix current date(localhost-access_date.log)? Please help. (3 Replies)
Discussion started by: sotich82
3 Replies

9. UNIX for Dummies Questions & Answers

sed problem replacing long strings

Hi all, I have a script which uses sed to replace one string with another. The problem is, the string to be matched, and its replacement are coming in as two command line arguments $1 and $2 $1 and $2 can be absolutely anything, but both should be treated purely as strings. My sed command... (1 Reply)
Discussion started by: mark007
1 Replies
Login or Register to Ask a Question