Re: logfiles of openssl-0.9.6e + GET_CLIENT_HELLO exploit...

From: Richard Rager (kb8rlnat_private)
Date: Tue Feb 11 2003 - 10:46:29 PST


    On Mon, 10 Feb 2003, Chuck Swiger wrote:
    
    
    I have the same thing. On my server, here are the logs:
    
    
    200.14.205.202 - - [13/Jan/2003:17:41:25 -0700] "GET /sumthin HTTP/1.0" 404 273
    200.14.205.202 - - [13/Jan/2003:19:43:39 -0700] "GET /sumthin HTTP/1.0" 404 273
    168.172.1.253 - - [14/Jan/2003:07:29:48 -0700] "GET /sumthin HTTP/1.0" 404 273
    168.172.1.253 - - [14/Jan/2003:10:22:26 -0700] "GET /sumthin HTTP/1.0" 404 273
    66.92.237.109 - - [15/Jan/2003:09:01:57 -0700] "GET /sumthin HTTP/1.0" 404 273
    66.92.237.109 - - [15/Jan/2003:10:55:01 -0700] "GET /sumthin HTTP/1.0" 404 273
    63.137.232.127 - - [16/Jan/2003:09:27:40 -0700] "GET /sumthin HTTP/1.0" 404 273
    63.137.232.127 - - [16/Jan/2003:11:23:18 -0700] "GET /sumthin HTTP/1.0" 404 273
    206.191.114.180 - - [19/Jan/2003:01:56:37 -0700] "GET /sumthin HTTP/1.0" 404 273
    206.191.114.180 - - [19/Jan/2003:02:39:36 -0700] "GET /sumthin HTTP/1.0" 404 273
    210.60.249.3 - - [23/Jan/2003:00:41:40 -0700] "GET /sumthin HTTP/1.0" 404 273
    210.60.249.3 - - [23/Jan/2003:01:18:14 -0700] "GET /sumthin HTTP/1.0" 404 273
    80.55.4.238 - - [25/Jan/2003:22:55:53 -0700] "GET /sumthin HTTP/1.0" 404 273
    80.55.4.238 - - [26/Jan/2003:00:49:29 -0700] "GET /sumthin HTTP/1.0" 404 273
    204.232.9.3 - - [28/Jan/2003:00:24:33 -0700] "GET /sumthin HTTP/1.0" 404 273
    204.232.9.3 - - [28/Jan/2003:03:11:21 -0700] "GET /sumthin HTTP/1.0" 404 273
    151.8.41.20 - - [28/Jan/2003:03:26:01 -0700] "GET /sumthin HTTP/1.0" 404 273
    151.8.41.20 - - [28/Jan/2003:04:02:22 -0700] "GET /sumthin HTTP/1.0" 404 273
    203.43.146.4 - - [29/Jan/2003:17:24:28 -0700] "GET /sumthin HTTP/1.0" 404 273
    203.43.146.4 - - [29/Jan/2003:19:14:59 -0700] "GET /sumthin HTTP/1.0" 404 273
    218.108.39.88 - - [04/Feb/2003:20:53:00 -0700] "GET /sumthin HTTP/1.0"
    
    Here are some other abnormals. Does anyone know what they are trying to
    do?
    
    24.95.60.115 - - [06/Feb/2003:21:35:37 -0700] "GET /.private.d/log.html HTTP/1.0" 404 285
    24.95.60.115 - - [06/Feb/2003:21:43:00 -0700] "GET /.private.d/log.html HTTP/1.0" 404 285
    24.95.60.115 - - [06/Feb/2003:21:52:03 -0700] "GET /.private.d/log.html HTTP/1.0" 404 285
    24.95.60.115 - - [06/Feb/2003:21:52:06 -0700] "GET /.private.d/log.html HTTP/1.0" 404 285
    24.95.60.115 - - [07/Feb/2003:06:34:31 -0700] "GET /.private.d/log.html HTTP/1.0" 404 285
    24.95.60.115 - - [07/Feb/2003:07:28:36 -0700] "GET /logs.d/index.html HTTP/1.0" 404 283
    24.95.60.115 - - [07/Feb/2003:13:47:59 -0700] "GET /.private.d/log.html HTTP/1.0" 404 285
    
    
    SSL
    
    [14/Oct/2002 14:12:09 00734] [error] Init: Private key not found (OpenSSL library error follows)
    [14/Oct/2002 14:12:09 00734] [error] OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag
    [14/Oct/2002 14:12:09 00734] [error] OpenSSL: error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsing
    [14/Oct/2002 14:12:09 00734] [error] OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
    [14/Oct/2002 14:12:16 00767] [error] Init: Private key not found (OpenSSL library error follows)
    [14/Oct/2002 14:12:16 00767] [error] OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag
    [14/Oct/2002 14:12:16 00767] [error] OpenSSL: error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsing
    [14/Oct/2002 14:12:16 00767] [error] OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
    [14/Oct/2002 15:26:21 01058] [error] SSL handshake failed (server prismwireless.net:443, client 61.63.154.42) (OpenSSL library error follows)
    [14/Oct/2002 15:26:21 01058] [error] OpenSSL: error:1406B458:lib(20):func(107):reason(1112)
    
    
    
    [27/Oct/2002:12:21:09 -0700] 216.98.66.5 - - "GET /mod_ssl:error:HTTP-request HTTP/1.0" 53
    
    
    Enjoy,
    
    Richard Rager
    
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    


