I keep getting attacks on squirrelmail, sometimes successful which sees them upload some irc rubbish.. heres some lines from httpd error log
--11:00:30-- http://195.20.206.246/squirrelmail/data/files/h
(try:16) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:04:51-- http://195.20.206.246/squirrelmail/data/files/h
(try:17) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:09:13-- http://195.20.206.246/squirrelmail/data/files/h
(try:18) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:13:34-- http://195.20.206.246/squirrelmail/data/files/h
(try:19) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:17:55-- http://195.20.206.246/squirrelmail/data/files/h
(try:20) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Giving up.
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... sh: ./x: No such file or directory
chmod: cannot access `c': No such file or directory
==> Fakename: /usr/sbin/httpd -k start -DSSL PidNum: 599
[Mon Apr 27 09:38:57 2009] [error] [client 58.108.160.222] File does not exist: /var/www/html/401.shtml
Read error (Connection timed out) in headers.
Retrying.
--09:50:17-- http://195.20.206.246/squirrelmail/data/files/h
(try: 2) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... [Mon Apr 27 10:03:58 2009] [error] [client 202.173.155.36] File does not exist: /var/www/html/favicon.ico
[Mon Apr 27 10:03:58 2009] [error] [client 202.173.155.36] File does not exist: /var/www/html/404.shtml
Read error (Connection timed out) in headers.
Retrying.
It sets up a fake process for httpd and then when apache is restarted it hangs until the fake process is killed..
Any ideas on how to stop this (apart from trashing squirrel)?
--11:00:30-- http://195.20.206.246/squirrelmail/data/files/h
(try:16) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:04:51-- http://195.20.206.246/squirrelmail/data/files/h
(try:17) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:09:13-- http://195.20.206.246/squirrelmail/data/files/h
(try:18) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:13:34-- http://195.20.206.246/squirrelmail/data/files/h
(try:19) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.
--11:17:55-- http://195.20.206.246/squirrelmail/data/files/h
(try:20) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Giving up.
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... sh: ./x: No such file or directory
chmod: cannot access `c': No such file or directory
==> Fakename: /usr/sbin/httpd -k start -DSSL PidNum: 599
[Mon Apr 27 09:38:57 2009] [error] [client 58.108.160.222] File does not exist: /var/www/html/401.shtml
Read error (Connection timed out) in headers.
Retrying.
--09:50:17-- http://195.20.206.246/squirrelmail/data/files/h
(try: 2) => `h'
Connecting to 195.20.206.246:80... connected.
HTTP request sent, awaiting response... [Mon Apr 27 10:03:58 2009] [error] [client 202.173.155.36] File does not exist: /var/www/html/favicon.ico
[Mon Apr 27 10:03:58 2009] [error] [client 202.173.155.36] File does not exist: /var/www/html/404.shtml
Read error (Connection timed out) in headers.
Retrying.
It sets up a fake process for httpd and then when apache is restarted it hangs until the fake process is killed..
Any ideas on how to stop this (apart from trashing squirrel)?