On Wed, 2008-03-12 at 14:42 -0400, Matt Holtz wrote: > looks like someone was scanning your machine to see if it was a proxy > server. > > http://scanproxy.com/ for more info. > > > Someone in Shanghai, it appears. I was a little puzzled at seeing a full URL in the GET request, I don't recall seeing that before. I suppose a proxy server would handle that request differently than a standard apache server. I kind of figured it was a scan of some sort, and I did look at the scanproxy site as well, so I came to the same conclusion as you. I am still curious about what sys scan does, just out of academic curiosity. I was hoping someone on NAG might have some knowledge of how this sort of scan works. Thanks, Eric W > Eric Weston wrote: > > The following appeared in the Apache logs of one of our servers: > > > > 202.120.43.208 - - [11/Mar/2008:11:17:20 -0400] "GET > > http://www.scanproxy.com:80/p-80.html HTTP/1.0" 403 1908 > > > > I'm not sure what to make of this, has anyone seen anything like this > > before? > > > > Thanks, > > Eric Weston -- <^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^> Eric Weston, Systems Department MSU Libraries Information Technology Division http://www.msu.edu/~westone