The request came again and from google i understood that it was a type of Web-server attack but i can't find more details on the web.Does any body have idea
Looks like a Directory Traversal
attack and they are trying to grab files off of your computer. See the one trying to grab /etc/passwd? They want that to try and figure out passwords on your machine.
Since the request found on Apache error logs, i assume that the attack is not successful one.How can i find out that attack is successful or not.?
Pretty good assumption. You should look in the normal Apache log ad see if there is anything odd in there as well as it has the connection codes (200, 404, etc.).
Now that said, this sort of garbage is pretty standard if you have a machine connected to the internet. The bad guys are always looking for new victims. And by always, I mean 24/7/365.
As for suggestion, yeah here is a few:
- Are you running anything like mod_security? That tends to intercept this sort of stuff.
- Is your OS fully patched? And what distro are we talking about anyway?
- Do you have any sort of file monitoring in place? Like Aide or Samhain?
- Do you monitor the other logs on your system?
- Are you running a security protocol like SELinux?
- Have you verified that Apache is being run as an unprivileged user?
- Is Apache serving any sites that might be vulnerable to pre-canned attacks? I'm thinking of PHP based websites and things using a back-end database.