I am trying to set up my first Apache web server on Fedora Core 1. I have configured everything correctly (I think), and my temporary index page is accessible. However, in checking my logs, I have noticed that a constant stream of accesses has begun. The log shows up to 6 or so requests per minute, and it continues until I stop the http daemon. The requests come from all different IPs, none of which I recognize. The log looks something like:
Dozens and dozens of these, all with different IP addresses: (xxx.xxx.xxx.xxx = address of request)
xxx.xxx.xxx.xxx - - [30/Jan/2004:18:56:28 -0600] "<?xml version=\"1.0\"?>" 400 337 "-" "-"
Also, a number of these:
xxx.xxx.xxx.xxx - - [27/Jan/2004:19:09:43 -0600] "POST /zbbpreq/1075252193968000 HTTP/1.1" 404 333 "-" "Kontiki Client 2.11.30820.0"
I'm no security expert, so what do these mean? Am I just being scanned? Only about 6 people know that I even have a web page up, so this doesn't seem like normal traffic. Just wondering if anyone has seen this in thier logs before.
Cheers
Dozens and dozens of these, all with different IP addresses: (xxx.xxx.xxx.xxx = address of request)
xxx.xxx.xxx.xxx - - [30/Jan/2004:18:56:28 -0600] "<?xml version=\"1.0\"?>" 400 337 "-" "-"
Also, a number of these:
xxx.xxx.xxx.xxx - - [27/Jan/2004:19:09:43 -0600] "POST /zbbpreq/1075252193968000 HTTP/1.1" 404 333 "-" "Kontiki Client 2.11.30820.0"
I'm no security expert, so what do these mean? Am I just being scanned? Only about 6 people know that I even have a web page up, so this doesn't seem like normal traffic. Just wondering if anyone has seen this in thier logs before.
Cheers
Facebook
Twitter