Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 07-29-2004, 10:12 PM   #1
Registered: Dec 2003
Location: Canada
Posts: 47

Rep: Reputation: 15
Help me decipher weird Apache activity

Hi, I 'm a Linux newbie and I could use some Apache help here.

I recently discovered that my Apache installation had an open proxy (thank you, Mandrake default setup), and may have been relaying spam.

Anyway, I figured out how to disable mod_proxy in the configuration file, so all should be fine. But the moment I restart httpd, I get a flood of messages in access_log and error_log. The access_log ones are particularly weird, because my machine is receiving about 2 requests per second from who-knows-where. The requests seem to include long, random URLs for a variety of domains.

Most of the entries in access_log take the form GET http://some-url followed by two numbers (error codes?), a second URL (referer string?) and a user-agent ID. Here's an example:

"GET HTTP/1.0" 404 411 "" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"

Some of the entries start with CONNECT or HEAD instead.

Can someone tell me what's going on here? Why are all these weird requests hitting my machine? What is Apache doing about them? How do I make it stop?
Old 07-30-2004, 09:07 AM   #2
Senior Member
Registered: Nov 2002
Location: pikes peak
Distribution: Slackware, LFS
Posts: 2,577

Rep: Reputation: 48
is the "telnet" service enabled?? turn it off if it is.............
/etc/inetd is the file you want to edit...........
Old 07-27-2005, 11:52 PM   #3
LQ Newbie
Registered: Apr 2005
Location: colorado
Distribution: mandriva
Posts: 27

Rep: Reputation: 15

I also commented this in httpd.conf

# Listen 8080
# Listen 80


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
weird hard drive activity Furlinastis Slackware 4 01-25-2005 07:30 AM
make install ndiswrapper error I can't decipher case1984 Linux - Wireless Networking 1 09-28-2004 05:59 PM
Very strange activity - EXE running as apache?? lucastic Linux - Security 2 09-03-2004 05:01 AM
Can anyone decipher my K3b error message? Trinity22 Linux - Software 3 04-21-2004 09:01 PM
Try to decipher this :) Whitehat General 42 06-29-2003 06:42 PM

All times are GMT -5. The time now is 02:22 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration