Cracking down on attacks - OPTIONS & PROPFIND requests?

[jimoblak]

A few months ago I was shocked at how much junk was in my access.log for my little old home computer/development server. I think I have otherwise beaten down all the IIS attack attempts by serving on a non-80 port and by requiring basic authentication.

I was just checking the access.log on my Mac OSX Apache2 installation and found the following requests from my own LAN (either a router, a nearby WindowsXP box or from the Mac itself - I juggle local IP addresses a lot). Can anyone explain what the OPTIONS and PROPFIND requests are? Should I be concerned?

192.168.0.100 - - [27/Jul/2003:21:37:47 -0400] "OPTIONS / HTTP/1.1" 401 496
192.168.0.100 - "" [27/Jul/2003:21:37:47 -0400] "OPTIONS / HTTP/1.1" 401 496
192.168.0.100 - - [28/Jul/2003:00:21:53 -0400] "OPTIONS / HTTP/1.1" 401 496
192.168.0.100 - "" [28/Jul/2003:00:21:53 -0400] "OPTIONS / HTTP/1.1" 401 496
192.168.0.100 - - [29/Jul/2003:12:41:58 -0400] "OPTIONS / HTTP/1.1" 401 496
192.168.0.100 - "" [29/Jul/2003:12:41:58 -0400] "OPTIONS / HTTP/1.1" 401 496
192.168.0.100 - - [30/Jul/2003:05:46:59 -0400] "OPTIONS / HTTP/1.1" 401 496
192.168.0.100 - "" [30/Jul/2003:05:46:59 -0400] "OPTIONS / HTTP/1.1" 401 496

Also...

192.168.0.101 - - [10/Sep/2003:05:21:10 -0400] "PROPFIND /myusername HTTP/1.1" 401 496
192.168.0.101 - - [10/Sep/2003:05:21:10 -0400] "PROPFIND /myusername HTTP/1.1" 401 496

- - picklefish - -

Why is everyone in this forum responding to me as picklefish?

 

[realm174]

Not that I would know anything about this myself, but here's what I found by doing a little search on google:

http://httpd.apache.org/docs-2.0/mod/mod_dav.html#davdepthinfinity

That should put you in the right direction...

You can also try a keyword search in here... I tried and came up with thread65-390019 if that helps...



Cheers,

Realm174