Blocking SEARCH request in HTTP (such as POST and GET)

[05/Jul/2004:08:01:52 -0400] "SEARCH /\x90\x02\xb1\x02\xb1\x02\xb1 (and a lot more)

We are on linux...but we have found that this appears to be an attack, and sometimes seems to de-stabalize apache or HTTPS sessions (not sure yet).
I would like to know if anyone has sucessfully blocked SEARCH attempts in their logs/apache server.

Yes we are running latest version of everything (apache, php, etc).

Please note we are running grsecurity medium level --> however I have not found any logs in /var/log/messages which seems to be related to grsecurity about this problem.

Any help would be very appreciated.

 

 

 

 

Top