[ale] apache wierdness

Bob Toxen transam at verysecurelinux.com
Wed Apr 13 17:11:54 EDT 2005 

Run an instantiation of Ethereal on each interface.  The answer that
you seek will be there.

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002

On Wed, Apr 13, 2005 at 04:46:04PM -0400, James P. Kinney III wrote:
> Scenario:
> 
> apache server behind nat firewall.
> Network changes just occurred.
> Nat reconfigured to accept new external IP and redirect to DMZ apache
> server.
> 
> Situation:
> 
> _partial_ connections. If login to web script with bad user name or
> password, system returns the correct "bad username or password. Login
> failed" error message from the login script.
> 
> Using a good combination, I get no response. It looks like a server hung
> on connect. wget eventually times out. BUT! The person who wrote the app
> on the server connects just fine with the SAME LOGIN THAT FAILS WITH
> ME?!?!?!
> 
> Both of us see the same IP address. No errors in the log files.
> 
> If I try and access a perl script in cgi-bin called printenv with the
> perms set to no execute, I get an apache arror message telling me it
> can't be execute. If the perms are fixed, the server just sits and does
> NOTHING.
> 
> I have never seen something like this before and am comletely perplexed.
> 
> The firewall now has old and new connections on it (i.e. old IP and new
> IP) We are in the process of migrating to a new ISP/data line provider. 
> 
> If everything failed to go through, I could understand it being the
> network change. But some stuff comes through. Static pages don't happen.
> Error messages happen.
> 
> 
> -- 
> James P. Kinney III          \Changing the mobile computing world/
> CEO & Director of Engineering \          one Linux user         /
> Local Net Solutions,LLC        \           at a time.          /
> 770-493-8244                    \.___________________________./
> http://www.localnetsolutions.com
> 
> GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
> <jkinney at localnetsolutions.com>
> Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7



> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list