On Wed, 2008-03-12 at 14:42 -0400, Matt Holtz wrote:
> looks like someone was scanning your machine to see if it was a proxy
> server.
>
> http://scanproxy.com/ for more info.
>
>
>
Someone in Shanghai, it appears. I was a little puzzled at seeing a
full URL in the GET request, I don't recall seeing that before. I
suppose a proxy server would handle that request differently than a
standard apache server. I kind of figured it was a scan of some sort,
and I did look at the scanproxy site as well, so I came to the same
conclusion as you. I am still curious about what sys scan does, just out
of academic curiosity. I was hoping someone on NAG might have some
knowledge of how this sort of scan works.
Thanks,
Eric W
> Eric Weston wrote:
> > The following appeared in the Apache logs of one of our servers:
> >
> > 202.120.43.208 - - [11/Mar/2008:11:17:20 -0400] "GET
> > http://www.scanproxy.com:80/p-80.html HTTP/1.0" 403 1908
> >
> > I'm not sure what to make of this, has anyone seen anything like this
> > before?
> >
> > Thanks,
> > Eric Weston
--
<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>
Eric Weston, Systems Department
MSU Libraries Information Technology Division
http://www.msu.edu/~westone
