You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Francisco Ruiz Ibañez <fl...@comunet.es> on 2006/06/12 10:52:09 UTC
[users@httpd] PROPFIND record in access_log of apache2 under windows
Hi all,
Last weekend, I've seen in my access_log many records like:
"x.x.x.x - - [11/Jun/2006:00:09:14 +0200] "PROPFIND /pub/ HTTP/1.1" 405 325
"-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
This is in apache2 under windows:
What does it mean? is it a malicious action like denial of service?
best regards
----------------------------------------------------------------------------
Este correo electrónico contiene información privada que puede estar legalmente protegida, parcial o totalmente. Es sólo para uso del destinatario al que está dirigido. Si ha recibido este mensaje por error, le rogamos que lo notifique al remitente del email y que además borre de su sistema el mensaje así como todas sus copias, incluyendo las posibles copias del mismo en su disco duro, y se abstenga de usar, revelar, distribuir a terceros, imprimir o copiar ninguna de las partes de este mensaje.
Los datos personales que pueda contener el presente mensaje, ya sea en su contenido o en los destinatarios, cumplen con lo establecido en la Ley Orgánica 15/1999, de 13 de diciembre, de Protección Datos de Carácter Personal.
----------------------------------------------------------------------------
This e-mail contains proprietary information some or all of which may be legally protected. It is for sole use of the intended recipient only. If you have received this message by mistake, you are requested to notify the e-mail sender and erase both the message and any copies from your system, including hard disk copies. You are further requested to refrain from using, distributing to third parties, printing or making copies of any parts of this message.
The personal data that may appear in this e-mail message are in accordance with the Organic Law 15/1999 of 13 December on the Protection of Personal Data.
----------------------------------------------------------------------------
Re: [users@httpd] PROPFIND record in access_log of apache2 under windows
Posted by Rainer Sokoll <R....@intershop.de>.
On Mon, Jun 12, 2006 at 11:29:12AM +0200, Francisco Ruiz Ibañez wrote:
> No, the ip is from out of our network.
Then I would think this is regular background noise.
Anyway: As long as you do not offer DAV, you should be safe in this
particular case.
Rainer
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] PROPFIND record in access_log of apache2 under windows
Posted by Francisco Ruiz Ibañez <fl...@comunet.es>.
No, the ip is from out of our network.
-----Mensaje original-----
De: Rainer Sokoll [mailto:R.Sokoll@intershop.de]
Enviado el: lunes, 12 de junio de 2006 11:05
Para: users@httpd.apache.org
Asunto: Re: [users@httpd] PROPFIND record in access_log of apache2 under
windows
On Mon, Jun 12, 2006 at 10:52:09AM +0200, Francisco Ruiz Ibañez wrote:
> Hi all,
> Last weekend, I've seen in my access_log many records like:
>
> "x.x.x.x - - [11/Jun/2006:00:09:14 +0200] "PROPFIND /pub/ HTTP/1.1" 405
325
> "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
>
> This is in apache2 under windows:
>
> What does it mean? is it a malicious action like denial of service?
Most probably not, if x.x.x.x belongs to your LAN.
Background: If a windows box mounts a share (/pub/, in your case), it
thinks that there might be a WebDAV share also.
Stupid behaviour.
Rainer
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
----------------------------------------------------------------------------
Este correo electrónico contiene información privada que puede estar legalmente protegida, parcial o totalmente. Es sólo para uso del destinatario al que está dirigido. Si ha recibido este mensaje por error, le rogamos que lo notifique al remitente del email y que además borre de su sistema el mensaje así como todas sus copias, incluyendo las posibles copias del mismo en su disco duro, y se abstenga de usar, revelar, distribuir a terceros, imprimir o copiar ninguna de las partes de este mensaje.
Los datos personales que pueda contener el presente mensaje, ya sea en su contenido o en los destinatarios, cumplen con lo establecido en la Ley Orgánica 15/1999, de 13 de diciembre, de Protección Datos de Carácter Personal.
----------------------------------------------------------------------------
This e-mail contains proprietary information some or all of which may be legally protected. It is for sole use of the intended recipient only. If you have received this message by mistake, you are requested to notify the e-mail sender and erase both the message and any copies from your system, including hard disk copies. You are further requested to refrain from using, distributing to third parties, printing or making copies of any parts of this message.
The personal data that may appear in this e-mail message are in accordance with the Organic Law 15/1999 of 13 December on the Protection of Personal Data.
----------------------------------------------------------------------------
Re: [users@httpd] PROPFIND record in access_log of apache2 under windows
Posted by Rainer Sokoll <R....@intershop.de>.
On Mon, Jun 12, 2006 at 10:52:09AM +0200, Francisco Ruiz Ibañez wrote:
> Hi all,
> Last weekend, I've seen in my access_log many records like:
>
> "x.x.x.x - - [11/Jun/2006:00:09:14 +0200] "PROPFIND /pub/ HTTP/1.1" 405 325
> "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"
>
> This is in apache2 under windows:
>
> What does it mean? is it a malicious action like denial of service?
Most probably not, if x.x.x.x belongs to your LAN.
Background: If a windows box mounts a share (/pub/, in your case), it
thinks that there might be a WebDAV share also.
Stupid behaviour.
Rainer
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org