You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by System <sy...@eluminoustechnologies.com> on 2003/04/02 16:52:51 UTC
[users@httpd] Invalid method in request \x80L\x01\x03
Hello All,
since yesterday httpd logfiles are filling with entries like these:
[Wed Apr 2 09:43:01 2003] [error] [client 64.133.59.136] Invalid method in
request \x80L\x01\x03
Does anybody have seen this before? I never saw the \x??? request stuff
before. Maybe some kind of DoS attack / exploit attempt?
Thank you,
Tina...
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Invalid method in request \x80L\x01\x03
Posted by Lee Fellows <lf...@4lane.com>.
On Wed, 2003-04-02 at 10:25, System wrote:
> The corresponding entry in my acess_log file.
>
> 64.68.86.79 - - [02/Apr/2003:10:04:21 -0500] "\x80%\x01\x03\x01" 501 -
>
> Thank you,
>
> Tina.
>
Yes. If you want to confirm if this is an https access to an http
host, you could try it by making an https request to your host that
generated this error. If the host is an http host listening on port
80, try https://your.host:80/ and see if that matches what you saw in
the log before. If this was supposed to be an https (SSL) enabled
host, and you get the above log entry when accessing it using https,
then you need to double-check your configuration because https (SSL)
has not been enabled.
HTH
--
Lee Fellows <lf...@4lane.com>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Invalid method in request \x80L\x01\x03
Posted by System <sy...@eluminoustechnologies.com>.
The corresponding entry in my acess_log file.
64.68.86.79 - - [02/Apr/2003:10:04:21 -0500] "\x80%\x01\x03\x01" 501 -
Thank you,
Tina.
----- Original Message -----
From: "Lee Fellows" <lf...@4lane.com>
To: <us...@httpd.apache.org>
Sent: Wednesday, April 02, 2003 8:50 PM
Subject: Re: [users@httpd] Invalid method in request \x80L\x01\x03
> On Wed, 2003-04-02 at 09:52, System wrote:
> > Hello All,
> >
> > since yesterday httpd logfiles are filling with entries like these:
> >
> > [Wed Apr 2 09:43:01 2003] [error] [client 64.133.59.136] Invalid method
in
> > request \x80L\x01\x03
> >
> > Does anybody have seen this before? I never saw the \x??? request stuff
> > before. Maybe some kind of DoS attack / exploit attempt?
> >
> This is almost funny. Didn't we see precisely the same pattern once
> before just recently?
>
> What does the corresponding entry in your access_log file look like?
>
> My guess is someone attempted to access a non-https port using
> the https protocol. Now whether this was accidental, i.e., someone
> entering https://xxx.xxx.xxx.xxx:80/, or someone attempting to
> correctly access port 443 when the host monitoring that port is not
> configured for SSL, I do not know.
>
>
> --
> Lee Fellows <lf...@4lane.com>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Invalid method in request \x80L\x01\x03
Posted by Lee Fellows <lf...@4lane.com>.
On Wed, 2003-04-02 at 09:52, System wrote:
> Hello All,
>
> since yesterday httpd logfiles are filling with entries like these:
>
> [Wed Apr 2 09:43:01 2003] [error] [client 64.133.59.136] Invalid method in
> request \x80L\x01\x03
>
> Does anybody have seen this before? I never saw the \x??? request stuff
> before. Maybe some kind of DoS attack / exploit attempt?
>
This is almost funny. Didn't we see precisely the same pattern once
before just recently?
What does the corresponding entry in your access_log file look like?
My guess is someone attempted to access a non-https port using
the https protocol. Now whether this was accidental, i.e., someone
entering https://xxx.xxx.xxx.xxx:80/, or someone attempting to
correctly access port 443 when the host monitoring that port is not
configured for SSL, I do not know.
--
Lee Fellows <lf...@4lane.com>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org