March 29th, 2008, 12:21 AM
unusual gets in apache access log - mac osx
I run a web server strictly for development use on apache and mac os x. I have noticed some unusual requests in the access log. Specifically, GET http://www.anonymitytest.com/cgi-bin/textenv.pl. I am not a security wiz, but I assume someone is trying to use my server as anonymous proxy. Under the Mac OS X server admin settings I have the proxy disabled. However the proxy module is on. I need to be able to connect remotely via ssh and secure ftp. Should I just disable the proxy module, and are there other security checks I should perform to insure no malware has been installed?
Thanks for your help!
March 29th, 2008, 11:46 AM
It's a perl script they're looking for. What's the status code you get
on the "get" in the log? If I had to make a guess, they're simply looking
to see if you're running a proxy already.
I like doing a whois just for the heck of it. Not that that makes much
difference in this case. Chit, you never know what'll turn up in a log
“Everybody is ignorant, only on different subjects.” — Will Rogers
By thehorse13 in forum The Security Tutorials Forum
Last Post: December 31st, 2005, 01:17 PM
By \/IP3R in forum AntiOnline's General Chit Chat
Last Post: March 7th, 2005, 09:25 PM
By HDD in forum Other Tutorials Forum
Last Post: February 1st, 2004, 07:05 PM
By hatebreed2000 in forum AntiOnline's General Chit Chat
Last Post: March 14th, 2003, 05:36 AM
By free-fall in forum Newbie Security Questions
Last Post: December 20th, 2002, 04:44 AM