On Sat, 2007-06-02 at 11:05 -0400, linuxmaillists@xxxxxxxxxxx wrote: > Does any one know what this site is trying to do? > > Taken from my logwatch report > > --------------------- httpd Begin ------------------------ > > > Requests with error response codes > 404 Not Found > http://www.diyproxy.com/ap/flag.txt: 1 Time(s) > > ---------------------- httpd End ------------------------- The logwatch is really only a brief summary. You want to look at the proper webserver logs, in /var/log/httpd (access or error logs). Use grep to find the diyproxy entry in them. You'll probably find that someone's trying to see if they can use your webserver as a proxy, for their own nefarious purposes. > Clicking on the link above takes you to the text page with > only this on it: > > :Long:Long I'd be loathe to go clicking on links logged in my webserver logs that seems suspicious. At the very least, don't do such things in web browsers which have Java, JavaScript, and numerous exploits. Try looking at a source dump using Lynx, instead. -- (This PC runs FC4, my others FC5 & FC6, in case that's important to the thread) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
