Attempted attack - how to defend?
208.229.189.235 - - [22/Sep/2004:05:55:26 -0700] "POST /cgi-bin/form.cgi HTTP/1.0" 404 308 "http://www.mydomain.com/" "-"
204.108.65.10 - - [22/Sep/2004:05:55:22 -0700] "POST /cgi-bin/mailform.pl HTTP/1.0" 404 308 "http://www.mydomain.com/" "-"
66.17.16.156 - - [22/Sep/2004:05:55:21 -0700] "POST /cgi-bin/pdu-discon.pl HTTP/1.1" 404 308 "http://www.mydomain.com/" "-"
69.45.37.167 - - [22/Sep/2004:05:55:15 -0700] "HEAD / HTTP/1.0" 200 0 "-" "-"
The web server is a LAMP configuration and the cgi-bin directory has 755 permissions. Should the permissions be more restrictive? Is this a common attack? What else should I do to defend against this kind of thing?
