You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by John McCain <jm...@dcbnet.com> on 1997/04/10 18:50:02 UTC

general/352: Error log should show IP address or host name for security auditing/troubleshooting

>Number:         352
>Category:       general
>Synopsis:       Error log should show IP address or host name for security auditing/troubleshooting
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache (Apache HTTP Project)
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Thu Apr 10 09:50:01 1997
>Originator:     jmccain@dcbnet.com
>Organization:
apache
>Release:        1.2X
>Environment:
Linux, Caldera or Red Hat recent install .  Don't know if 
this should be  actually in general or mod_proxy . 
>Description:
Error log messages should list host name when no route to host is
found or connection refused.  
Example...
[Thu Apr 10 10:08:00 1997] connect: No route to host
[Thu Apr 10 10:09:31 1997] connect: Connection refused

On first line, instead of "host" should have hostname or IP address.   
on second line, Connection refused should say who refused it.

Thanks,
John
>How-To-Repeat:
Try going to an invalid host name or one that returns a security error
>Fix:
I believe the host name is there, just print it in the error message
>Audit-Trail:
>Unformatted: