ASCII character in access logs -- square character

ASCII character showing up in access logs

         

Fresh

9:28 pm on Apr 15, 2003 (gmt 0)

10+ Year Member



I'm running a site on an Apache server. I am getting a weird series of entries in my access logs:

217.21.114.147 - - [14/Apr/2003:05:09:39 +0100] "" 501 - "-" "-"
217.21.114.147 - - [14/Apr/2003:05:10:00 +0100] "" 501 - "-" "-"
217.21.114.147 - - [14/Apr/2003:05:10:02 +0100] "CONNECT 64.157.4.83:25 HTTP/1.1" 405 312 "-" "-"

Now, from what I understand, the third line is basically someone trying to use my site as a proxy to connect to a yahoo mail server (to send spam?).

But I'm curious about the two lines before it -- what is generating those square characters? It gives a 501 error, so I know nothing happened, but I'm curious as to what kind of attack or scan this is.

Thanks

pendanticist

12:33 am on Apr 16, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Welcome to WebmasterWorld Fresh [webmasterworld.com].

I'll be honest with you, I've never seen those squares anywhere but (I think) it was Japanese conversions in either text editors or the like. However, I think that IP Number is in Amsterdam, so that ain't nowhere near Asia.

At any rate, this will give you something to read in the meantime and bump your post up. Sorry no one has come along sooner.

Be sure of one thing, you will get a definitive answer.

Pendanticist.

Fresh

1:57 pm on Apr 16, 2003 (gmt 0)

10+ Year Member



Thanks for the response. The idea that it comes from a language with a different character set seems plausible to me. Even though the IP is from Amsterdam, it could just be the IP of another proxy, right?

The only other thing I can think of is the person was on a dialup, and line noise sent those characters. I know that can happen with telnet, but would HTTP transmit line noise?

takagi

2:05 pm on Apr 16, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



If Windows cannot display a character because you don't have the correct font (usually a problem with languages with a lot of special characters like Japanese, Arabic, Thai, Korean, Hebrew, Chinese etc), it sometimes displays a square.

pendanticist

2:12 pm on Apr 16, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



it could just be the IP of another proxy, right?

Of that, I do not know.

If Windows cannot display a character because you don't have the correct font (usually a problem with languages with a lot of special characters like Japanese, Arabic, Thai, Korean, Hebrew, Chinese etc), it sometimes displays a square.

Forgive me, but I have many, many fonts installed, yet I have never seen any other language characters in my log files.

Pendanticist.

bird

3:59 pm on Apr 16, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



ASCII character showing up in access logs

Actually, those are non-ASCII characters. Either it's a broken client program that puts some random binary garbage into the request string, or it's an attempt to exploit a specific vulnerability of a specific server software by sending some deliberate garbage.

Forgive me, but I have many, many fonts installed, yet I have never seen any other language characters in my log files.

For you to see any foreign characters in your logs, they would have to actually be in there first. ;)

Apart from that, having the right font installed isn't enough to display non-English resp. non-ASCII characters. Your software (e.g. the text editor) also needs the meta information about which character set each character is encoded in. If this information is missing, as is the case for a plain text log file, then your editor has little chance of knowing which font to use, and will typically display some special replacement character, such as the boxes shown in the top post.

All this obviously assuming that the data in question actually consists of characters in some character set, and not just arbitrary bytes of binary data.

pendanticist

4:12 pm on Apr 16, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Now, that's what I call ...a definitive answer.

Thanks so much bird. :) Another hole in the old 'knowledge base' has just been filled.

Pendanticist.

jomaxx

7:11 pm on Apr 16, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



If you look at your log in hex format (e.g. via Textpad) you should be able to see the exact value sent.

I notice random drek in my log files once a week or so. Unfortunately some of the codes can function as line feeds, or even end-of-file markers, and mess up my homebrew log reports. Usually it looks like a bug in the client software, but in this case it looks like it could be a deliberate attempt to exploit some kind of server vulnerability.
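The checks discussed in this thread, as an added example that is not part of the original posts: a Python scan that reads the access log as bytes, reports the exact values in a request field as hex, and flags CONNECT proxy attempts, without letting control bytes break the line count. The sample log lines, the addresses (documentation ranges) and the control bytes in the first line are constructed for illustration.

```python
import re

# Common Log Format prefix, matched on raw bytes so nothing is decoded or lost.
RECORD = re.compile(rb'(\S+) \S+ \S+ \[[^\]]+\] "(.*?)" (\d{3}) \S+')

# Constructed sample: the control bytes in line 1 are invented for illustration.
SAMPLE = (
    b'192.0.2.10 - - [14/Apr/2003:05:09:39 +0100] "\x01\x1a\r\xfe" 501 - "-" "-"\n'
    b'192.0.2.10 - - [14/Apr/2003:05:10:02 +0100] '
    b'"CONNECT 198.51.100.25:25 HTTP/1.1" 405 312 "-" "-"\n'
    b'192.0.2.77 - - [14/Apr/2003:05:11:00 +0100] "GET / HTTP/1.0" 200 1043 "-" "-"\n'
)

def classify(request: bytes) -> str:
    """Label a request field: binary, proxy-connect, empty or ok."""
    if any(b < 0x20 or b > 0x7E for b in request):
        return "binary"          # control or non-ASCII bytes
    if request.upper().startswith(b"CONNECT "):
        return "proxy-connect"   # attempt to tunnel through the server
    return "ok" if request else "empty"

def scan(raw: bytes):
    """Return (line, ip, status, kind, shown) for every non-ok record."""
    findings = []
    # Split on LF only: CR or 0x1A inside a request must not end a record.
    for lineno, line in enumerate(raw.split(b"\n"), 1):
        m = RECORD.match(line)
        if not m:
            continue
        ip, request, status = m.groups()
        kind = classify(request)
        if kind == "ok":
            continue
        # Hex for binary data, so the report never contains raw control bytes.
        shown = request.hex(" ") if kind == "binary" else request.decode("ascii")
        findings.append((lineno, ip.decode("ascii", "replace"), int(status), kind, shown))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

For a real log, pass `open(path, "rb").read()` to `scan`; binary mode keeps the bytes exactly as the server wrote them.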