Wed, 15 Nov 2006
Is it blackmail?
A Fascinating Apache Log Entry
Apache is the software that runs the HallmarcDotNet web server. It keeps a record of every request for a web page, including where it came from, the date and time, the method and protocol version used, whether the request was successful or not, the size of the file that was sent (if any) in response to the request, the URL that the requester had most recently visited, and the browser and version the requester is claiming to use.
Two or three times a month I run a script that looks for interesting entries in the log: cracking attempts, broken links, recruiters finding my resume, people reading my novel or blog, that sort of thing.
Today when I ran my script, I encountered a fascinating entry - one that piqued my curiosity. Here's the raw text:
mail.fz.k12.mo.us - - [06/Nov/2006:10:46:25 -0600]
"GET /cgi-bin/blosxom.cgi HTTP/1.1"
200 19898 "http://www.google.com/search?hl=en&lr=&q=dubray+dirty+stuff+mo&btnG=Search"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)"
What that means is that someone inside the Fort Zumwalt School District network did a Google search for the combination of terms "dubray+dirty+stuff+mo". For the uninitiated, Bernard J. DuBray is the current superintendent of that school district. A middle school (as it happens, the one my oldest child attends) in the district is named after Dr. DuBray.
It's not a a very imaginative query... Possibly a student, but more likely a disgruntled employee. Or a very good PR flack, looking to get ahead of the opposition.
Do we have a potential blackmailer? Do I call the papers? The police? The network admin at Fort Zumwalt SD?
It probably means absolutely nothing; but it's still fun to speculate. And imagine the possibilities.
posted at: 12:58 | permanent link to this entryMarc Elliot Hall St. Peters, Missouri
Page created: 21 January 2002
Page modified: 14 November 2006
