BlueSky
msg:901032 | 9:28 am on Nov 4, 2003 (gmt 0) |
It retrieves Yahoo's homepage. The 200 says it was successful. Does that IP belong to your host? Just a guess -- maybe the script doing this is on your server or someone outside is using your server to run scripts?
|
nancyb
msg:901033 | 5:28 pm on Nov 4, 2003 (gmt 0) |
just checked and I'm getting one of these almost every day since late Sept. Just one hit a day, always a 200 and always from 64.222.xxx.xx or 64.223.xxx.xx ip range. IPs resolve to verizon.net BlueSky can you explain a little more what this could be. I run no scrips on my site so now I'm curious. Thanks,
|
bakedjake
msg:901034 | 5:29 pm on Nov 4, 2003 (gmt 0) |
You have an open proxy. Are you on apache, and running mod_proxy? Make sure you restrict mod_proxy access by IP in your httpd.conf file, or turn it off if you don't need it. An open proxy can be a very bad thing.
|
nancyb
msg:901035 | 6:10 pm on Nov 4, 2003 (gmt 0) |
panicked for a minute .... just re-checked though and all proxy directives are commented out in httpd.conf. any other reason for getting these hits?
|
bakedjake
msg:901036 | 6:13 pm on Nov 4, 2003 (gmt 0) |
n- that's really bizarre. Can you telnet to port 80 on your webserver, and issue the command: GET http*//www.yahoo.com/ And see what it returns? (Replace the star with colon - darn autolinking.)
|
nancyb
msg:901037 | 6:37 pm on Nov 4, 2003 (gmt 0) |
ah geeze bakedjake, you had to go and ask me to do something that shows how little I know ;) :(. I've never telenetted (?), don't know how. Can I check this some other way?
|
bakedjake
msg:901038 | 7:17 pm on Nov 4, 2003 (gmt 0) |
n- since you don't have an open proxy, I'd be willing to bet that your server is just returning your homepage when yahoo is requested. You can be sure of this, if you'd like, by writing a script that calls your machine and requests yahoo. Something /is/ being returned, hence the 200, though. jdMorgan and wkitty42 attack a similar issue here: [webmasterworld.com...]
|
nancyb
msg:901039 | 7:59 pm on Nov 4, 2003 (gmt 0) |
checked out that thread but it is way over my head. :o You are right that it is returning my home page as the bytes sent match. thought I could go off and do some real work today but you've alerted me to something else I need to go learn. Some days I feel like my computer illiterate friend who tells me repeatedly that this "net stuff" and computers are never going to last. Sometimes .... on days like this, I wish he was right ;)
|
ses4j
msg:901040 | 8:13 pm on Nov 4, 2003 (gmt 0) |
Thanks, bakedjake, for that thread reference. So apparently they're just Chinese open-proxy checks, and do not necessarily indicate that you HAVE an open proxy. I plan to just ignore it. And here's hoping the Chinese totalitarianism falls and they'll be free to surf all the pr0n and political forums they want. :) Scott
|
bakedjake
msg:901041 | 8:14 pm on Nov 4, 2003 (gmt 0) |
Careful there ses4j - political comments are generally frowned upon here.
|
BlueSky
msg:901042 | 8:37 pm on Nov 4, 2003 (gmt 0) |
| So apparently they're just Chinese open-proxy checks, and do not necessarily indicate that you HAVE an open proxy. |
|
The IP you posted is not from China whereas the one in the other post is. Chinese are not the only ones who look for open proxies.
|
ses4j
msg:901043 | 8:51 pm on Nov 4, 2003 (gmt 0) |
hehe, okay, okay... sorry about that, and no offense to the non-Chinese open-proxy hunters, I didn't mean to make you feel left out. The important thing for me is that it's just someone looking for an open proxy and not finding one here, and nothing more serious. Thanks everyone! Scott
|
|
