In the console of HTTPD I can see the connections and URL querys. But I leave the external access opened, for the other developers can see the work.
What is interesting to see is the access of scan programs (worms/virus) all the time. And they are a big trouble, since the HTTPD only can handle one access per time (the multi access doesn't work very well on Win32).
Well, the worms can't infect me, since the HTTPD only handle files, not executables. And they can't access things outside the DOCUMENT_ROOT. Well, is soo easy to denny access to other level path. I don't know how MS missed this on IIS5 (most of scans are exploits for ISS)! Was a big negligence by them, or they think that no one will explore this bugs!
Well, to avoid them I have restricted the access to only some IP ranges.
Internet this days was a mess! You always need to be in alert for SPAM, virus (well, a good anti-virus is always needed) and exploits (update the server too! And use a personal firewall). To avoid SPAM I haven't find a good tool, but a good tip is to not use easy e-mail adresses, like: joe@famous-domain.com. Is very easy for a SPAMER to make a list of famous domains a common names, and bingo, it sell the list for the fools. I think that sell/buy e-mail list should be a crime! And how buy a SPAM list, are only buying a list of e-mails that are not used, since receive a lot of SPAM, or a list of persons that hate SPAM!
If you want to play with HTTPD or see how your Internet neighbors are infected (specially for DSL/CABLE access), use this code, based on HPL::HTTPD:
** Hey, your ISP need to allow the port 80 and direct acces to your IP. If your IP is only for intranet (192.168.0.x/10.0.x.x), hummm... They are stealing money from you, since you can't use a lot of good services in the Internet, or you think that Internet is only http,ftp (the common services accessed by proxy/fw).
#!/usr/bin/perl # # simple-httpd.pl # use HTTP::Daemon; ## Install LWP. use HTTP::Status; use strict ; my $RN = "\015\012" ; my $port = 80 ; my $HTTPD = HTTP::Daemon->new( #LocalAddr => 'localhost' , LocalPort => $port , Listen => 5 , Reuse => 1 , Timeout => 30 , ) ; if ($HTTPD) { print "Server on port: $port\n\n" ;} else { die "Can't open server at port $HTTPD!\n" ;} open (LOG,">>log.txt") ; my $sel = select(LOG) ; $|=1 ; select($sel) ; while( (my $connection = $HTTPD->accept) || 1 ) { if (!$connection) { next ;} my %clt = ( ip => $connection->peerhost , port => $connection->peerport , ) ; my $req = $connection->get_request ; print "-----------------------------------------\n" ; print LOG "-----------------------------------------\n" ; print "Client: $clt{ip}:$clt{port}\n" ; print LOG "Client: $clt{ip}:$clt{port}\n" ; if (!$req) { print "Bad Request (400)\n" ;} else { my $url = &normalize_path( $req->url->path ) ; print "URL: $url\n" ; print LOG "URL: $url\n" ; $connection->send_basic_header( 200 ) ; ## 200 (not 403) to can +see the HTML in the browser. print $connection "Connection: close" . $RN ; print $connection "Content-type: text/html" . $RN.$RN ; print $connection "<title>403 Forbidden</title>\n" ; print $connection "<b>Forbiden (403)</b><br>\n" ; print $connection "Can't access: $url<p>\n" ; print $connection "<i>And don't scan my host!!!</i>\n" ; } print "-----------------------------------------\n\n" ; print LOG "-----------------------------------------\n\n" ; ## Other HTTPD methods: # $connection->send_error(403) ;} # $connection->send_file_response($root .'/'. $url) ;} close($connection) ; } close (LOG) ; exit ; ################## # NORMALIZE_PATH # ################## sub normalize_path { my ( $path ) = @_ ; if ($path eq '') { return() } $path =~ s/^\s+//gs ; $path =~ s/\s+^//gs ; $path =~ s/[\r\n].*$//s ; my $symb_ok = q`!#$%&'()+,-./:;=@[\]^{}~€ŸÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖÙÚÛ +ÜÝàáâãäåæçèéêëìíîïðñòóôõöùúûüýÿ`; my $symb_ok_out = q`*<>?"|`; $path =~ s/[^\w\s\Q$symb_ok\E]//gs ; $path =~ s/\\+/\//g ; if ($path !~ /^\// ) { $path = "/$path" ;} my ($type,$host) ; if ( $path =~ /^(\w+:)\/\/(.*)$/ ) { ($type,$path) = ($1,$2) } if ($type =~ /^(https?|ftps?):$/i ) { ($host,$path) = ( $path =~ /^( +.*?)(\/.*)$/ ) ;} $path =~ s/\/+/\//g ; $path =~ s/\/$// ; if ($path =~ /\/\.\.?\//) { my @path = split(/\//,$path) ; my @path2 ; foreach my $path_i ( @path ) { if ($path_i eq '.') { next } if ($path_i eq '..') { pop (@path2) ; next ;} push(@path2 , $path_i) ; } if ($path =~ /^\// && @path2[0] ne '') { unshift (@path2, "") } $path = join ("/", @path2) ; } if ($type ne '') { $path = "$type//$host$path" } return( $path ) ; } ####### # END # #######
Graciliano M. P.
"The creativity is the expression of the liberty".
In reply to How Internet is a mess. (Playing with HTTPD) by gmpassos
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |