Unix/Linux Go Back    


Web Programming Discuss Web Programming and Web Server Administration, including LAMP, Apache, MySQL, HTML, SEO, and other Web APIs and topics.

Apache log with long strings of Xs in GET request

Web Programming


Tags
apache2, log

Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 08-13-2009   -   Original Discussion by z1dane
z1dane's Unix or Linux Image
z1dane z1dane is offline
Registered User
 
Join Date: Aug 2007
Last Activity: 26 September 2013, 2:30 AM EDT
Location: Yokohama, Japan
Posts: 49
Thanks: 1
Thanked 4 Times in 4 Posts
Apache log with long strings of Xs in GET request

Hi everybody,

I was looking at my apache2 log and I found GET requests as such:

Some ip - - [20/Jul/2007:09:50:48 +1000] "GET /login.htm?password=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXX HTTP/1.1" 404 327

or (without a GET request)

Some ip - - [20/Jul/2007:09:50:33 +1000] "very long string of Xs" 414 375

There were several others requests with even longer strings of X. What was the person trying to achieve?

Many thanks,

Dave
Sponsored Links
    #2  
Old Unix and Linux 08-18-2009   -   Original Discussion by z1dane
Neo's Unix or Linux Image
Neo Neo is offline Forum Staff  
Administrator
 
Join Date: Sep 2000
Last Activity: 13 December 2017, 12:43 PM EST
Location: Asia pacific region
Posts: 14,091
Thanks: 934
Thanked 1,270 Times in 608 Posts
They were hacking looking for buffer overflows, more that likely.
Sponsored Links
    #3  
Old Unix and Linux 08-18-2009   -   Original Discussion by z1dane
z1dane's Unix or Linux Image
z1dane z1dane is offline
Registered User
 
Join Date: Aug 2007
Last Activity: 26 September 2013, 2:30 AM EDT
Location: Yokohama, Japan
Posts: 49
Thanks: 1
Thanked 4 Times in 4 Posts
Ah thanks Neo, I shall go and research on buffer overflows.
    #4  
Old Unix and Linux 08-21-2009   -   Original Discussion by z1dane
Neo's Unix or Linux Image
Neo Neo is offline Forum Staff  
Administrator
 
Join Date: Sep 2000
Last Activity: 13 December 2017, 12:43 PM EST
Location: Asia pacific region
Posts: 14,091
Thanks: 934
Thanked 1,270 Times in 608 Posts
Quote:
Originally Posted by z1dane View Post
Ah thanks Neo, I shall go and research on buffer overflows.
When you see an IP address hacking like that, you might want to use ipchains (if on Linux) to block the offending IP.
Sponsored Links
    #5  
Old Unix and Linux 08-21-2009   -   Original Discussion by z1dane
z1dane's Unix or Linux Image
z1dane z1dane is offline
Registered User
 
Join Date: Aug 2007
Last Activity: 26 September 2013, 2:30 AM EDT
Location: Yokohama, Japan
Posts: 49
Thanks: 1
Thanked 4 Times in 4 Posts
Quote:
Originally Posted by Neo View Post
When you see an IP address hacking like that, you might want to use ipchains (if on Linux) to block the offending IP.
Ah awesome! The webserver is running on redhat, so shouldn't be a problem. I use denyhosts to block ssh attempts but didn't know about ipchains.

Thanks again Neo!
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
sed problem replacing long strings mark007 UNIX for Dummies Questions & Answers 1 11-28-2008 12:02 AM
a request for help... patrick99e99 UNIX for Advanced & Expert Users 1 07-25-2006 03:50 AM
How to concatenate two strings or several strings into one string in B-shell? fontana Shell Programming and Scripting 2 08-26-2005 12:58 PM
Request sed help anjaan UNIX for Dummies Questions & Answers 2 03-08-2005 07:13 PM



All times are GMT -4. The time now is 10:27 PM.