[Dshield] apache access logs
steve at bob.reno.nv.us
Thu Feb 26 03:32:31 GMT 2004
In the last 24-48 hours I have received 3 or 4 requests to my web server
that I find unusual.
They read like this from the logs:
"SEARCH/±±±±±±±±±±±±±±±±±±± ~snip~ " 414 342
BUT they are 8,249 characters in length.
Now this obviously is some sort of overflow attack, But in 3-4 years of
reviewing my logs I have never run across this before.
Has anyone seen this, know what this is, can identify?
Any help would be appreciated,
More information about the list