Search Strings That Concern Me



When you dig through the list of http requests that go to your website, you often find some real interesting search strings. Like this one:



Host: 67.36.177.127 Url: /canaries.htm Http Code : 200

Date: Sep 19 12:17:51 Http Version: HTTP/1.1 Size in Bytes: 7985

Referer: http://google.yahoo.com/bin/query?p=%22how+to+make+poison%22&hc=0&hs=0&xargs= Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; YComp 5.0.0.0)



Name: adsl-67-36-177-127.dsl.chcgil.ameritech.net

Address: 67.36.177.127



The article that this search string pointed this user to, of course, doesn't tell you how to make poison. But this isn't the first time that someone has used that search string to get to that article. It worries me a bit. The last time that this exact search string led to that article was the evening of September 11, 2001. The request came from a library computer at the University of Chicago. I informed the FBI about that request, suggesting that they might want to take a look at who was searching for that information. To my knowledge, my detailed description of IP address, location of the PC, time, etc., was just dropped on the floor. I almost wonder if I would be wasting my time informing the FBI again.