6
1
I keep seeing the following error in Apache error log. Anyone has any idea what this is?
client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23):
/w00tw00t.at.ISC.SANS.DFind:)
Cory
Posted 2010-03-11T15:50:03.590
Reputation: 169
3
According to http://isc.sans.org/diary.html?storyid=900 it's an exploit scanner. Nothing to be concerned about if you are up to date, I've got them in my logs too.
Johnas
Posted 2010-03-11T15:50:03.590
Reputation: 347
0
Looks like there is a client who is trying to access the resource /w00tw00t.at.ISC.SANS.DFind on your server, but the client has been implemented poorly and not followed the spec, which states:
A client MUST include a Host header field in all HTTP/1.1 request messages . If the requested URI does not include an Internet host name for the service being requested, then the Host header field MUST be given with an empty value.
Its probably some poorly written bot.
heavyd
Posted 2010-03-11T15:50:03.590
Reputation: 54 755