Spam being sent from vulnerable web servers

If you manage a site running on the Apache web server, you may want to check out this article and be sure that you are not inadvertently allowing mail to be sent through your server.

Here is a quick way to tell if your site is vulnerable:
telnet www.yoursite.com 80 Press Enter
GET http://www.google.com/ Press Enter
If you see the HTML for your site’s home page (not the google home page), then your Apache is correctly serving your site instead of forwarding the request. If you see the HTML for Google’s homepage, your server is an open forwarding proxy, and it needs to be fixed.
Note: if you are using a hosting service (as opposed to running your own servers) then they should have already been on top of this. If you find out they were not, then you should dump them and go with someone else.

This entry was posted in Blog Posts and tagged . Bookmark the permalink.

One Response to Spam being sent from vulnerable web servers

  1. nstryker says:

    yet another reason people shouldn’t be running 1.3 anymore.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>