> -----Original Message----- > From: sfat_private [mailto:sfat_private] > Sent: 28 September 2002 08:15 > To: incidentsat_private > Subject: Snake in the grass > > > Has anyone seen these before? ((Mods: Port 80)) 209.29.94.x - > - [24/Sep/2002:06:00:12 -0400] "\xc1\xe1\x88%2?\xef\xa4 > \xeb+NP\xdc\x93\xfd\xf9\x83\xd7\xef\xe8i\v\xb1\x83\xeb\xf7\xa4\v\x > b0 \x7f\x9c\xcf\xd3\x1a\x97a\xd4`$\x07\xba\xbfG\xf1v\xc0\xd6\x03 > \xa7'#\xca\xe7\v\x0e\x16\xd9\x13E`\xaa\x96)M5vb\xb0r6\xa4\xe7/\xeb > \x1b\x11 \xac\x9c!\x99\xe3\xf6" 400 373 "-" "-" 209.29.94.x - - I had some similar-looking stuff in my log whilst struggling to get Tomcat working with Apache and mod_jk. Once I had fixed all my configuration mistakes the log entries went away. Maybe someone elses' Tomcat server is wrongly trying to talk ajp to you? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Sep 29 2002 - 13:16:05 PDT