LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-30-2003, 05:56 PM   #1
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Rep: Reputation: 57
Apache Log


Whats up with this access_log entry? The domain name scares me a little bit.

dont-look-now-but-i-think-your-toaster-is-rooted.proxycheck.gamesnet.net - - [30/Jan/2003:17:58:38 -0500] "CONNECT 65.122.104.42:6667 HTTP/1.0" 405 316 "-" "-"
 
Old 01-31-2003, 07:05 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
http://www.linuxquestions.org/questi...564#post208564
Kinda kewl tho, cuz proxycheck.gamesnet.net is one of those nice FQDN's resolving to localhost :-] Gamesnet.net itself some IRC swamp.
U been using them?
 
Old 01-31-2003, 08:18 AM   #3
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Original Poster
Rep: Reputation: 57
I knew that you would be the one to answer me unSpawn. Thanks. Don't you think that name is scary?
 
Old 01-31-2003, 09:57 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Yeah, np, and no, I don't. IMO it could be part of their proxyscan to send a stupid FQDN like that. Easiest way to find out if they're scanning this way (if you're using gamesnet.net) would be to run tcpdump, bitchx to their network, let 'em scan and look in the packets for a clue.
 
Old 01-31-2003, 12:43 PM   #5
Crashed_Again
Senior Member
 
Registered: Dec 2002
Location: Atlantic City, NJ
Distribution: Ubuntu & Arch
Posts: 3,503

Original Poster
Rep: Reputation: 57
I'm lost again. FQDN=Fully Qualified Domain Name right? Run tcpdump, gotcha, and then bitchx. Hmm.. bitchx? Not sure what that is.

On a personal note; Are you certified in Linux unSpawn?
 
Old 02-01-2003, 08:27 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Sorry. Ment IRC. And no, I ain't.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Strange results in /var/log/apache/access.log subt13 Linux - Security 2 08-03-2004 01:21 PM
Apache Log rajbaxi Linux - Security 12 03-21-2004 11:28 PM
More Apache Log Errors! Crashed_Again Linux - General 2 02-27-2003 05:21 AM
apache access log mindcry Linux - Security 6 02-12-2003 12:17 PM
Apache Session Log? abelsgmx Linux - Networking 4 06-11-2002 03:44 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration