Semi Off Topic My searching hasn't found what I consider superior info, and we are wondering from others experience on this list... In the logwatch results we all see the info below on almost a daily basis I have taken the liberty of combining logwatch results from centos 4 and 5 machines for extra info and future searchability ----- Centos 4 ----- --------------------- httpd Begin ------------------------ GET http://scifi.pages.at/myproxies/azenv.php HTTP/1.1 with response code(s) 404 1 responses GET http://thecric.free.fr/AZenv/azenv.php HTTP/1.1 with response code(s) 404 1 responses ----- Centos 5 ----- --------------------- httpd Begin ------------------------ Requests with error response codes http://scifi.pages.at/myproxies/azenv.php: 2 Time(s) http://thecric.free.fr/AZenv/azenv.php: 2 Time(s) GET http://scifi.pages.at/myproxies/azenv.php HTTP/1.1 with response code(s) 404 3 responses GET http://thecric.free.fr/AZenv/azenv.php: 2 Time(s) HTTP/1.1 with response code(s) 404 3 responses Is it like people are setting up servers to do advertising in our logs while looking for some vulnerabilities? Thanks in advance for your insight... :-) - rh