[CentOS] I guess hacker me - URGENT
Adriano Frare
alfrare at e-alinux.com
Mon Jan 30 19:13:37 UTC 2006
I changed httpd.conf to
ProxyRequests Off
ProxyVia Off
And Priblem contine.
Adriano Frare
Les Mikesell wrote:
> On Mon, 2006-01-30 at 12:17, Adriano Frare wrote:
>
>>I use Centos 4.2 with all service pack installed. I verified traffic on
>>link WEB and I see port TCP 80 with many traffic.
>>
>>I accessed lod /var/log/httpd/access_log and show below.
>>
>>ca.com/members/index.php HTTP/1.0" 401 -
>>"http://members.sapphicerotica.com/members/index.php" "Mozilla/5.0 (
>>compatible; MSIE 5.01; Windows XP; NetCaptor )"
>>68.119.110.138 - - [30/Jan/2006:15:08:08 -0200] "GET
>>http://211.115.101.253/config/login?.done=http://smallbusiness.yahoo.com/services/index.php&.src=sbs&login=NsyncAngel9&passwd=xxxx
>>HTTP/1.0" 200 9794 "-" "-"
>>
>>I guess that hacker is using my SERVR APACHE to PROXY.
>
>
> The stock httpd.conf should have the
> #ProxyRequests On
> entry commented out as above. If you need to have it enabled
> you should control access with 'allow from' directives:
> http://httpd.apache.org/docs/2.0/mod/mod_proxy.html
>
More information about the CentOS
mailing list