[Dshield] apache access logs

Steven VanDeBogart steve at bob.reno.nv.us
Thu Feb 26 03:32:31 GMT 2004

In the last 24-48 hours I have received 3 or 4 requests to my web server 
that I find unusual.
They read like this from the logs:
  [25/Feb/2004:09:58:18 -0800] 
"SEARCH/±±±±±±±±±±±±±±±±±±± ~snip~ " 414 342

BUT they are 8,249 characters in length.
Now this obviously is some sort of overflow attack, But in 3-4 years of 
reviewing my logs I have never run across this before.
Has anyone seen this, know what this is, can identify?
Any help would be appreciated,

More information about the list mailing list