Hello,
first I must say I have little or no experience with servers....
- i added a handler for /upload
- i added handler for websockets /push
- server listens for https-connections on port 8889
- clients are mainly B4A-apps
The server is doing what it is supposed to do, works stable, no problems. In the logfile of the server i can see this as:
80.101.7.236 - - [17/apr/2018:00:14:55 +0000] "POST /upload?type=srv HTTP/1.1" 200 1928 "-" "okhttp/3.5.0"
80.101.7.236 - - [17/apr/2018:08:09:32 +0000] "GET /push HTTP/1.1" 101 0 "-" "-"
However, in the logfiles of the server I also can see things like:
122.228.208.113 - - [17/apr/2018:00:13:29 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:30 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:30 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:31 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:32 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:32 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:33 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:33 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:34 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:34 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:35 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:36 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
196.52.43.61 - - [17/apr/2018:11:23:39 +0000] "GET / HTTP/1.0" 404 315 "-" "Mozilla/5.0(WindowsNT6.1;rv:31.0)Gecko/20100101Firefox/31.0"
91.185.201.71 - - [17/apr/2018:20:44:09 +0000] "GET / HTTP/1.1" 404 315 "-" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
91.185.201.71 - - [17/apr/2018:20:44:10 +0000] "GET /HNAP1/ HTTP/1.1" 404 321 "http://80.101.7.236:8888/" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
Now my questions are:
- What is the server doing with requests that are not handled with with the added "handlers"
- Should I log more and look in the logfiles for checking if the server is not "misused"
- Can this server be "misused" for other purposes by those who scan the interrnet.
- Those who scan the internet can see Powered by Jetty:// 9.4.z-SNAPSHOT. Should I switch this information off and, if so, how?
Again, I've little or no experience with servers but any information would be more then welcome....
first I must say I have little or no experience with servers....
- i added a handler for /upload
- i added handler for websockets /push
- server listens for https-connections on port 8889
- clients are mainly B4A-apps
The server is doing what it is supposed to do, works stable, no problems. In the logfile of the server i can see this as:
80.101.7.236 - - [17/apr/2018:00:14:55 +0000] "POST /upload?type=srv HTTP/1.1" 200 1928 "-" "okhttp/3.5.0"
80.101.7.236 - - [17/apr/2018:08:09:32 +0000] "GET /push HTTP/1.1" 101 0 "-" "-"
However, in the logfiles of the server I also can see things like:
122.228.208.113 - - [17/apr/2018:00:13:29 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:30 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:30 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:31 +0000] "CONNECT www.server110.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:32 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:32 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:33 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:33 +0000] "CONNECT www.linode.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:34 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:34 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:35 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
122.228.208.113 - - [17/apr/2018:00:13:36 +0000] "CONNECT www.baidu.com:443 HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
196.52.43.61 - - [17/apr/2018:11:23:39 +0000] "GET / HTTP/1.0" 404 315 "-" "Mozilla/5.0(WindowsNT6.1;rv:31.0)Gecko/20100101Firefox/31.0"
91.185.201.71 - - [17/apr/2018:20:44:09 +0000] "GET / HTTP/1.1" 404 315 "-" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
91.185.201.71 - - [17/apr/2018:20:44:10 +0000] "GET /HNAP1/ HTTP/1.1" 404 321 "http://80.101.7.236:8888/" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
Now my questions are:
- What is the server doing with requests that are not handled with with the added "handlers"
- Should I log more and look in the logfiles for checking if the server is not "misused"
- Can this server be "misused" for other purposes by those who scan the interrnet.
- Those who scan the internet can see Powered by Jetty:// 9.4.z-SNAPSHOT. Should I switch this information off and, if so, how?
Again, I've little or no experience with servers but any information would be more then welcome....
Last edited:
