Thread from comp.lang.tcl (4 replies)
tclhttpd logs
I wonder if anyone is familiar with tclhttpd log entries and can shed some light on this: Typically each log entry contains a bunch of attributes including the ip address, a timestamp, the requested url, user agent, http code, etc. But I am seeing an increasing number of weird entries where most of that info is empty. The lines only include the ip address and the timestamp, and the rest is just "- - - - -". What does this mean?Click on article to view all threads in comp.lang.tcl
Re: tclhttpd logs
saito <saitology9@gmail.com> posted: > I wonder if anyone is familiar with tclhttpd log entries and can shed > some light on this: > > Typically each log entry contains a bunch of attributes including the ip > address, a timestamp, the requested url, user agent, http code, etc. > But I am seeing an increasing number of weird entries where most of that > info is empty. The lines only include the ip address and the timestamp, > and the rest is just "- - - - -". > > What does this mean? Yes I see this occasionally, got a single one yesterday, none today. I don't know what causes it though. -- Colin Macleod.Click on article to view all threads in comp.lang.tcl
Re: tclhttpd logs
On 7/3/2024 3:00 PM, Colin Macleod wrote: > > Yes I see this occasionally, got a single one yesterday, none today. I don't know what causes it though. > Yeah, it doesn't look kosher. I saw like 10 of them like that one after another. Then I get normal entries from the same source but the requests all appear to be hacking attempts containing shell commands with rm, cd, wget, or some .php stuff.Click on article to view all threads in comp.lang.tcl
Re: tclhttpd logs
saito <saitology9@gmail.com> posted: > > Yeah, it doesn't look kosher. I saw like 10 of them like that one after > another. Then I get normal entries from the same source but the > requests all appear to be hacking attempts containing shell commands > with rm, cd, wget, or some .php stuff. Here's a little thing I hacked up to return something suitable to the script kiddies who persist in probing for php weaknesses etc. : http://paste.tclers.tk/5935 -- Colin Macleod.Click on article to view all threads in comp.lang.tcl
Re: tclhttpd logs
On 7/4/2024 4:02 AM, Colin Macleod wrote: > > Here's a little thing I hacked up to return something suitable to the script kiddies who persist in probing for php weaknesses etc. : > http://paste.tclers.tk/5935 > Nice! they definitely deserve it :-)Click on article to view all threads in comp.lang.tcl