-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello,
So I've been receiving a few of these httpd requests on my SSL web server. The webserver runs on the root domain of a subdomain hosting a tor relay. From a whois, i see rgnx is owned by Jacob Appelbaum.
The webserver in question is running a good ssl setup according to https://www.ssllabs.com/ssltest/.
Any information as to what this could be?
###### ## httpd log ## rgnx.net - - [20/Feb/2014:17:29:46 +0100] "\x16\x03\x01" 301 217 "-" "-"
## logwatch ## Attempts to use known hacks by 1 hosts were logged 62 time(s) from: rgnx.net: 62 Time(s) ^null$ 62 Time(s)
A total of 1 sites probed the server rgnx.net
A total of 1 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit):
null HTTP Response 301 ######
tor-relays@lists.torproject.org