Search Results

Search found 4 results on 1 pages for 'pantelis sopasakis'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/1 | 1 

  • Apache access.log interpretation

    - by Pantelis Sopasakis
    In the log file of apache (access.log) I find log entries like the following: 10.20.30.40 - - [18/Mar/2011:02:12:44 +0200] "GET /index.php HTTP/1.1" 404 505 "-" "Opera/9.80 (Windows NT 6.1; U; en) Presto/2.7.62 Version/11.01" Whose meaning is clear: The client with IP 10.20.30.40 applied a GET HTTP method on /index.php (that is to say http://mysite.org/index.php) receiving a status code 404 using Opera as client/browser. What I don't understand is entries like the following: 174.34.231.19 - - [18/Mar/2011:02:24:56 +0200] "GET http://www.siasatema.com HTTP/1.1" 200 469 "-" "Python-urllib/2.4" So here what I see is that someone (client with IP 174.34.231.19) accessed http://www.siasatema.com and got a 200 HTTP status code(?). It doesn't make sense to me... the only interpretation I can think of is that my apache server acts like proxy! Here are some other requests that don't have my site as destination... 187.35.50.61 - - [18/Mar/2011:01:28:20 +0200] "POST http://72.26.198.222:80/log/normal/ HTTP/1.0" 404 491 "-" "Octoshape-sua/1010120" 87.117.203.177 - - [18/Mar/2011:01:29:59 +0200] "CONNECT 64.12.244.203:80 HTTP/1.0" 405 556 "-" "-" 87.117.203.177 - - [18/Mar/2011:01:29:59 +0200] "open 64.12.244.203 80" 400 506 "-" "-" 87.117.203.177 - - [18/Mar/2011:01:30:04 +0200] "telnet 64.12.244.203 80" 400 506 "-" "-" 87.117.203.177 - - [18/Mar/2011:01:30:09 +0200] "64.12.244.203 80" 400 301 "-" "-" I believe that all these are related to some kind of attack or abuse of the server. Could someone explain to may what is going on and how to cope with this situation? Update 1: I disabled mod_proxy to make sure that I don't have an open proxy: # a2dismod proxy Where from I got the message: Module proxy already disabled I made sure that there is no file proxy.conf under $APACHE/mods-enabled. Finally, I set on my browser (Mozzila) my IP as a proxy and tried to access http://google.com. I was not redirected to google.com but instead my web page appeared. The same happened with trying to access http://a.b (!). So my server does not really work as a proxy since it does not forward the requests... But I think it would be better if somehow I could configure it to return a status code 403. Here is my apache configuration file: <VirtualHost *:80> ServerName mysite.org ServerAdmin webmaster@localhost DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/error.log LogLevel warn CustomLog /var/log/apache2/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost> Update 2: Using a block, I restrict the use of other methods than GET and POST... <Limit POST PUT CONNECT HEAD OPTIONS DELETE PATCH PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> Order deny,allow Deny from all </Limit> <LimitExcept GET> Order deny,allow Deny from all </LimitExcept> Now methods other that GET are forbidden (403). My only question now is whether there is some trick to boot those how try to use my server as a proxy out...

    Read the article

  • IP Blacklists and suspicious inbound and outbound traffic

    - by Pantelis Sopasakis
    I administer a web server and recently we had our IP banned (!) from our host after they received a notification e-mail for abuse. In particular our server is allegedly involved in spam attacks over HTTP. The content of the abuse report email we received was not much informative - for example the IP addresses our server is supposed to have attacked against are not included - so I started a wireshark session checking for suspicious traffic over TCP/HTTP while trying to locate possible security holes on the system. (Let me note that the machine runs a Debian OS). Here is an example of such a request... Source: 89.74.188.233 Destination: 12.34.56.78 // my ip Protocol: HTTP Info: GET 'http://www.media.apniworld.com/image.php?type=hv' HTTP/1.0 I manually blacklisted this host (as well as some other ones) blocking them with iptables, but I can't keep on doing manually all day long... I'm looking for an automated way to block such IPs based on: Statistical analysis, pattern recognition or other AI-based analysis (Though, I'm reluctant to trust such a solution, if exists) Public blacklists Using DNSBL I actually found out that 89.74.188.233 is blacklisted. However other IPs which are strongly suspicious like 93.199.112.126 (i.e. http://www.pornstarnetwork.com/account/signin), unfortunately were not blacklisted! What I would like to do is to automatically connect my firewall with DNSBL (or some other blacklist database) and block all traffic towards blacklisted IPs or somehow have my local blacklist automatically updated.

    Read the article

  • Cannot create Desktop shortcut

    - by Pantelis
    I have a WiX project and I want to automatically create a ProgramMenu and Desktop shortcut. I've tried the following but the Desktop shortcut is not created. The ProgramMenu shortcut works great. <Product Id="*" Name="Application Name" Language="1033" Version="1.0.0.0" Manufacturer="Company Name"> <Package InstallerVersion="200" Compressed="yes" InstallScope="perMachine" Description="A description" Comments="Some Comments" /> <MajorUpgrade DowngradeErrorMessage="A newer version of [ProductName] is already installed." /> <MediaTemplate EmbedCab="yes"/> <!-- Minimal UI --> <UIRef Id="WixUI_Minimal"/> <!-- Adding the referenced components --> <Feature Id="Complete" Title="inStorHDRadio Complete" Level="1"> <ComponentGroupRef Id="InstallationComponents" /> <ComponentRef Id="ApplicationProgramsMenuShortcut"/> <ComponentRef Id="ApplicationDesktopShortcut"/> </Feature> </Product> <Fragment> <Directory Id="TARGETDIR" Name="SourceDir"> <!-- Installation Folder --> <Directory Id="ProgramFilesFolder"> <Directory Id="CompanyFolder" Name="CompanyName"> <Directory Id="InstallationFolder" Name="ApplicationName"/> </Directory> </Directory> <!-- Programs Menu Shortcut Folder --> <Directory Id="ProgramMenuFolder" Name="ProgramsMenu"> <Directory Id="ProgramsMenuCompanyFolder" Name="CompanyName"> <Directory Id="ProgramsMenuShortcutFolder" Name="ApplicationName"/> </Directory> </Directory> <!-- Desktop Shortcut Folder --> <Directory Id="DesktopShortcutFolder" Name="Desktop"/> </Directory> </Fragment> <!-- Compoments --> <Fragment> <ComponentGroup Id="inStorHDRadioComponents" Directory="InstallationFolder"> <!-- All application components in Program Files --> </ComponentGroup> <!-- SHORTCUTS --> <!--ProgramsMenu--> <DirectoryRef Id='ProgramsMenuShortcutFolder'> <Component Id='ApplicationProgramsMenuShortcut'> <RemoveFolder Id='RemoveProgramsMenuShortcutFolder' Directory='ProgramsMenuShortcutFolder' On='uninstall' /> <RemoveFolder Id='RemoveProgramsMenuCompanyFolder' Directory='ProgramsMenuCompanyFolder' On='uninstall' /> <Shortcut Id='ApplicationProgramsMenuShortcut' Name='Company Name' Target='[#Application.exe]' WorkingDirectory='InstallationFolder' Icon='application.ico' /> <RegistryValue Name='RegistryValueProgramMenuShortcut' Root='HKCU' Key='Software\Microsoft\[Manufacturer]\[ProductName]' Type='integer' Value='1' /> </Component> </DirectoryRef> <!--Desktop--> <DirectoryRef Id='DesktopShortcutFolder'> <Component Id='ApplicationDesktopShortcut'> <RemoveFolder Id='RemoveDesktopShortcutFolder' Directory='DesktopShortcutFolder' On='uninstall'/> <Shortcut Id='ApplicationDesktopShortcut' Name='Application Name' Target='[#Bootstrapper.exe]' WorkingDirectory='InstallationFolder' Directory='DesktopShortcutFolder' Advertise='no' Icon='application.ico'/> <RegistryValue Name='RegistryValDesktopShortcut' Root='HKCU' Key='Software\[Manufacturer]\[ProductName]' KeyPath='yes' Type='integer' Value='1' /> </Component> </DirectoryRef> </Fragment> <Fragment> <Icon Id="application.ico" SourceFile="Files\application.ico" /> <Icon Id="programs.ico" SourceFile="Files\programs.ico"/> <Property Id="ARPPRODUCTICON" Value="programs.ico" /> <Property Id="ARPHELPLINK" Value="http://www.company.com" /> </Fragment> Whats wrong with the code? The ProgramMenu shortcut is working perfectly fine, but the desktop one is not getting created.

    Read the article

  • Soundboard app: Play sound as long as the user is pressing the button

    - by Pantelis Proios
    I am making a soundboard app and i am using sounds with over 30sec duration. I am playing the sound by connecting in IB my action with a "touch down" event, however the sound keeps playing once started. I connected in the some button a "touch cancel" & "touch up outside" event that is supposed to stop the sound but for some reason it doesn't. Can anybody provide a solution to my problem? ---Edit--- Here is my code: -(IBAction)playSound:(id)sender { NSString *soundFile; soundFile = [[NSBundle mainBundle] pathForResource:@"testSound" ofType:@"mp3"]; audioPlayer = [[AVAudioPlayer alloc] initWithContentsOfURL:[NSURL fileURLWithPath:soundFile] error:nil]; audioPlayer.volume = volumeSlider.value; audioPlayer.numberOfLoops = -1; [audioPlayer prepareToPlay]; [audioPlayer play]; } -(IBAction)stopSound:(id)sender { [audioPlayer stop]; }

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1