On Sat, Jan 25, 2003 at 05:11:29AM -0600, Richard Rauch wrote:
> I was peering through my logs, and I saw something that made me gape
> in horror: Someone was connecting to my web-server using a CONNECT
> and going out to port 25 on a remote host.
> 
> They only did this once.  Another joker tried it, too, also only
> once.
> 
> I had set up Apache 2 to play with.  It looks like Apache declined
> the CONNECT request, but it didn't log to error_log.
> 
> Should I be paranoid?  Well, okay, I probably should be; rather
> let me ask, is this okay, or does something need to be fixed?

<Location />
Order allow,deny
Deny from all
 <Limit GET PUT POST>
 Allow from all
 <Llimit>
</Location>
-- 
Kevin P. Neal                                http://www.pobox.com/~kpn/
           On the community of supercomputer fans:
"But what we lack in size we make up for in eccentricity." 
  from Steve Gombosi, comp.sys.super, 31 Jul 2000 11:22:43 -0600