Laslo7
04-01-2003, 12:34 PM
Could someone tell me what these log entries are?
217.21.114.152 - - [01/Apr/2003:09:14:46 -0600] "\x04\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:14:46 -0600] "\x04\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:06 -0600] "\x05\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:06 -0600] "\x05\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:06 -0600] "CONNECT 64.157.4.82:25 HTTP/1.1" 200 918 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:11 -0600] "CONNECT 65.54.252.99:25 HTTP/1.1" 200 918 "-" "-"
Looks like a relay scan but I have no idea.
I am using Apache 1.3.27 on RedHat 7.3
I only have ports 22, 80 and 443 open to the public.
Any insight would be greatly appreciated.
AJ
217.21.114.152 - - [01/Apr/2003:09:14:46 -0600] "\x04\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:14:46 -0600] "\x04\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:06 -0600] "\x05\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:06 -0600] "\x05\x01" 200 906 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:06 -0600] "CONNECT 64.157.4.82:25 HTTP/1.1" 200 918 "-" "-"
217.21.114.152 - - [01/Apr/2003:09:15:11 -0600] "CONNECT 65.54.252.99:25 HTTP/1.1" 200 918 "-" "-"
Looks like a relay scan but I have no idea.
I am using Apache 1.3.27 on RedHat 7.3
I only have ports 22, 80 and 443 open to the public.
Any insight would be greatly appreciated.
AJ