 |
 |
I know some sites use a scan like this to see if you have an open proxy. Drew On Mar 12, 2008, at 16:01 , Eric Weston wrote: > On Wed, 2008-03-12 at 14:42 -0400, Matt Holtz wrote: >> looks like someone was scanning your machine to see if it was a proxy >> server. >> >> http://scanproxy.com/ for more info. >> >> >> > > > Someone in Shanghai, it appears. I was a little puzzled at seeing a > full URL in the GET request, I don't recall seeing that before. I > suppose a proxy server would handle that request differently than a > standard apache server. I kind of figured it was a scan of some sort, > and I did look at the scanproxy site as well, so I came to the same > conclusion as you. I am still curious about what sys scan does, just > out > of academic curiosity. I was hoping someone on NAG might have some > knowledge of how this sort of scan works. > > Thanks, > Eric W > > >> Eric Weston wrote: >>> The following appeared in the Apache logs of one of our servers: >>> >>> 202.120.43.208 - - [11/Mar/2008:11:17:20 -0400] "GET >>> http://www.scanproxy.com:80/p-80.html HTTP/1.0" 403 1908 >>> >>> I'm not sure what to make of this, has anyone seen anything like >>> this >>> before? >>> >>> Thanks, >>> Eric Weston > -- > <^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^>^<^> > Eric Weston, Systems Department > MSU Libraries Information Technology Division > http://www.msu.edu/~westone Drew Bomhof Systems Administration Research Technology Support Facility 202-C BIochemistry BLDG e [log in to unmask] p 517.353.7236