[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Hacked?
- Subject: Re: [cobalt-users] Hacked?
- From: "roland" <roland@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue Sep 24 06:22:53 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> Strange entries in the apache this morning...looked through all I
> know to check and see no evidence that it was successful. Netstat,
> logs, chkrootkit output all seem normal. Anything else obvious I
> should check? The following sequence was repeated 30 minutes later
> from another netblock
> (first .jp and second .lt)
>
> [Tue Sep 24 03:01:12 2002] [error] [client xxx.xxx.xxx.xxx] client sent
> HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
>
> [Tue Sep 24 03:01:12 2002] [error] [client xxx.xxx.xxx.xxx] client sent
> HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
>
> [Tue Sep 24 03:01:12 2002] [error] [client xxx.xxx.xxx.xxx] client sent
> HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
>
> [Tue Sep 24 03:01:12 2002] [error] [client xxx.xxx.xxx.xxx] client sent
> HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
>
> [Tue Sep 24 03:01:20 2002] [error] mod_ssl: SSL handshake failed (server
> yyy.yyy.yyy.yyy:443, client xxx.xxx.xxx.xxx) (OpenSSL library error
> follows)
> [Tue Sep 24 03:01:20 2002] [error] OpenSSL: error:1406908F:SSL
> routines:GET_CLIENT_FINISHED:connection id is different
> [Tue Sep 24 03:01:21 2002] [notice] child pid 27426 exit signal Segmentation
> fault (11)
>
> _____________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
You have not been hacked, thats an error you should ignore.