アタックNo1してきたIPを晒すスレ
1 :DNS未登録さん :2011/02/01(火) 23:36:21 ID:???.net 涙が出ちゃう
2 :DNS未登録さん :2011/02/01(火) 23:50:11 ID:???.net 212.83.42.101 WEBの常連さん。 MyAdmin myadmin mysql phpMyAdmin phpmyadmin pma webdav geeklog/bbs/fckeditor/editor その他色々なフォルダを探して手当たりしだいアクセス、sshのログインも一生懸命してくる
3 :DNS未登録さん :2011/02/01(火) 23:57:35 ID:???.net >>2 IP毎回違うけど、うちにもphpMyAdminとかpmaとか探しに何回も来てるよ
4 :DNS未登録さん :2011/02/02(水) 02:07:47 ID:???.net phpMyAdminは多いいね。 それ以外はロボットばっかり
5 :DNS未登録さん :2011/02/02(水) 10:52:51 ID:???.net Feb 1 20:53:36 192 sshd[30181]: refused connect from ::ffff:221.206.130.3 (::ffff:221.206.130.3) Feb 1 21:50:22 192 sshd[30308]: refused connect from ::ffff:221.206.130.3 (::ffff:221.206.130.3) Feb 1 23:10:01 192 sshd[30585]: refused connect from ::ffff:61.163.56.24 (::ffff:61.163.56.24) Feb 1 23:50:12 192 sshd[30654]: refused connect from ::ffff:61.163.56.24 (::ffff:61.163.56.24) Feb 2 00:20:23 192 sshd[30768]: refused connect from ::ffff:60.12.11.62 (::ffff:60.12.11.62) Feb 2 01:54:23 192 sshd[30957]: refused connect from ::ffff:128.226.170.170 (::ffff:128.226.170.170) Feb 2 04:37:54 192 sshd[31317]: refused connect from ::ffff:202.205.176.115 (::ffff:202.205.176.115) SSHのポートを22から変えたら全く来なくなったけど、試しに22に戻したらまた来た。 22が開いてるところしか狙ってないのかな。
6 :DNS未登録さん :2011/02/02(水) 21:48:05 ID:???.net うちもphpMyAdmin関係は多い # cat /var/log/httpd/access_log | grep 110.172.52.5 | wc -l 951
7 :DNS未登録さん :2011/02/03(木) 21:04:44 ID:???.net crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 228 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:01 +0900] "GET /phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:01 +0900] "GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:04 +0900] "GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:04 +0900] "GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 238 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 239 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 238 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 238 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:07 +0900] "GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:07 +0900] "GET /phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 232 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:09 +0900] "GET /phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 236 crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:22 +0900] "GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 232 こういう奴か
8 :DNS未登録さん :2011/02/04(金) 00:56:26 ID:2KVB2Qqc.net こいつ アタックNO1w FNAfb-09p2-253.ppp11.odn.ad.jp
9 :DNS未登録さん :2011/02/05(土) 08:50:59 ID:???.net 91.121.243.113 >7と同じ。phpMyAdmin関係総なめ
10 :DNS未登録さん :2011/02/05(土) 12:20:03 ID:???.net >2 sshdは、denyhostお勧め。 アタックしてきたアドレスを、自動でブロックしてくれる。 我が家の現状: % egrep ^sshd /etc/hosts.deny | wc -l 1100
11 :DNS未登録さん :2011/02/06(日) 00:18:30 ID:???.net apacheってリクエストがないとログ記録されないっけ
12 :DNS未登録さん :2011/02/06(日) 13:43:36 ID:???.net ,, -――-、 | アタックチャンス !! //ヾソ)),il|,);r、. 人 /";彡`ヾド!ソツノ゙ミヾ、  ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ i;彡 _ _ ミ. i ,i;;;彡 ,.,._ . :_..、ヾ/ i:yv. ´;.。.、`; ;。:、 リ ヽ`i 、 _;ノ,: i、:_,. ! `| ,__、,.r、_.bヽ. ,′ /r´.三ミD‐-;→;ソ , : -´ ̄|::::|´^, r〕!Ξ´.ノ‐- 、. /::::::::::::::::ヽノ )´、:_丿|::\:::::::`‐-、. ./ :::::::\_:::::::∧ , _.∧ ./.ヽ !:::::::ヽ:::::::::|:`,
13 :DNS未登録さん :2011/02/06(日) 23:50:48 ID:???.net googleのbotしかこねー
14 :DNS未登録さん :2011/02/07(月) 14:39:46 ID:???.net 61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /roundcubemail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again." 61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /rc/README HTTP/1.1" 404 444 "-" "Morfeus strikes again." 61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /webmail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again." 61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /roundcube/README HTTP/1.1" 404 444 "-" "Morfeus strikes again." 61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /mail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again." 61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /README HTTP/1.1" 404 444 "-" "Morfeus strikes again." phpMyAdmin以外に、こんな奴も最近来るようになった
15 :DNS未登録さん :2011/02/08(火) 00:04:26 ID:???.net これは何がしたいんだ
16 :DNS未登録さん :2011/02/08(火) 01:00:58 ID:???.net http://www.ipa.go.jp/security/fy21/reports/tech1-tg/a_07.html Roundcube
17 :DNS未登録さん :2011/02/09(水) 21:25:17 ID:???.net これは何がしたいんだ
18 :DNS未登録さん :2011/02/09(水) 21:54:37 ID:???.net 単純にroundcubeを置いてるかどうか探してるんでしょ roundcube使ったことないから知らないけど、phpMyAdminみたいにセキュリティホールあるんじゃないの?
19 :DNS未登録さん :2011/02/11(金) 10:39:12 ID:MrqsjyYh.net 先月はこんな感じ。去年に比べてだいぶ減ったなぁ。 http://uproda.2ch-library.com/3421976IH/lib342197.jpg
20 :DNS未登録さん :2011/02/11(金) 20:18:49 ID:???.net >>14 と全く同じのが来てた 日時もほぼ同じ あとこんなのとか 67.205.111.77 (5rreo.com) Date,Time,Method,URL,Query,HTTP,Status,Size,Referer,Keyword,Agent 2011/02/04,03:15:23,GET,"/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:24,GET,"/cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:25,GET,"/zen-cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:25,GET,"/zencart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:26,GET,"/zen/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:27,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:27,GET,"/shop/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:28,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:28,GET,"/zcart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:29,GET,"/catalog/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:29,GET,"/shop2/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:30,GET,"/boutique/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola" 2011/02/04,03:15:31,GET,"/store/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
21 :DNS未登録さん :2011/02/12(土) 20:43:40 ID:???.net http://members3.jcom.home.ne.jp/rising-sun/ こちらにURLを掲載されてから、スパマーが大挙して書き込みに来るようになりました。 それまで5hot/月くらいだったので、どうやって俺のサイトを見つけたのか不思議です。
22 :DNS未登録さん :2011/02/12(土) 21:16:37 ID:???.net 馬鹿サイトサーチャーに引っかかったんじゃねw あほかと
23 :DNS未登録さん :2011/02/12(土) 21:40:10 ID:???.net >>21 馬鹿だろ? 自殺しなさい
24 :DNS未登録さん :2011/02/13(日) 15:25:06 ID:???.net 5分から数時間周期で、うちの掲示板を爆撃してくれてるIPの方々 125-14-198-192.rev.home.ne.jp 155.215.232.111.ap.yournet.ne.jp 173.60.112.219.ap.yournet.ne.jp 182-167-50-41f1.kyt1.eonet.ne.jp 36.76.44.61.ap.yournet.ne.jp 55.223.183.58.megaegg.ne.jp fa211-113.infoaomori.ne.jp fe219-224.infoaomori.ne.jp gd202157012064.u31.kcn-tv.ne.jp i121-115-10-40.s05.a002.ap.plala.or.jp i60-34-249-28.s05.a002.ap.plala.or.jp kd111098033213.ppp-bb.dion.ne.jp nttkyo787161.tkyo.nt.ftth.ppp.infoweb.ne.jp p1208-ipbf11matuyama.ehime.ocn.ne.jp p2176-ipbf31osakakita.osaka.ocn.ne.jp p2220-ipbf217hodogaya.kanagawa.ocn.ne.jp p4001-ipbf506okidate.aomori.ocn.ne.jp p4043-ipbfp505oomichi.oita.ocn.ne.jp p6107-ipad24osakakita.osaka.ocn.ne.jp fe219-224.infoaomori.ne.jp gd202157012064.u31.kcn-tv.ne.jp i121-115-10-40.s05.a002.ap.plala.or.jp i60-34-249-28.s05.a002.ap.plala.or.jp kd111098033213.ppp-bb.dion.ne.jp nttkyo787161.tkyo.nt.ftth.ppp.infoweb.ne.jp p1208-ipbf11matuyama.ehime.ocn.ne.jp p2176-ipbf31osakakita.osaka.ocn.ne.jp p2220-ipbf217hodogaya.kanagawa.ocn.ne.jp p4001-ipbf506okidate.aomori.ocn.ne.jp p4043-ipbfp505oomichi.oita.ocn.ne.jp p6107-ipad24osakakita.osaka.ocn.ne.jp pd9c147.aicint01.ap.so-net.ne.jp softbank126028210215.bbtec.net z130201.dynamic.ppp.asahi-net.or.jp
25 :DNS未登録さん :2011/02/13(日) 21:37:57 ID:???.net 今日のエロPOST 110.4.130.201 111.232.215.155 112.136.113.83 113.146.93.230 113.197.189.143 114.168.207.139 114.170.128.214 114.184.9.220 118.104.172.220 118.104.179.201 118.109.143.39 118.8.38.149 118.9.220.244 119.106.141.196 119.171.129.173 119.240.104.41 121.110.118.125 121.112.239.228 121.84.232.185 121.87.9.57 121.94.255.149 122.132.10.123 122.135.162.147 123.220.39.220 124.147.111.65 124.214.165.15 124.24.204.121 124.96.171.120 124.96.52.43 125.14.198.192 125.204.241.189 125.207.20.146 126.127.166.209 126.131.28.248 126.14.122.149 150.70.75.161 180.131.90.82 180.144.58.187 180.221.227.142 180.5.197.245 182.167.80.18 182.168.195.197 183.76.79.10 202.157.12.64 202.226.208.164 202.226.214.49 211.2.66.140 216.104.15.130 216.104.15.134 216.104.15.138 216.104.15.142 218.231.172.112 219.111.124.66 219.112.60.122 219.8.100.11 220.56.10.183 221.190.78.15 221.20.34.163 222.144.50.1 222.226.145.26 58.0.105.152 58.169.234.43 58.183.5.68 58.188.233.9 60.237.4.90 60.239.223.164 60.39.34.90 61.210.188.161 61.44.54.37 61.46.27.183 61.89.161.187 61.89.165.136
26 :DNS未登録さん :2011/02/13(日) 22:12:34 ID:???.net 上の奴へ ポスト系は、IP変えながら投げるツールが腐るほどあるから いくら晒しても無駄だと思われ。 ツール使えば月50万くらいは稼げるぞw
27 :DNS未登録さん :2011/02/13(日) 22:20:48 ID:???.net MA NU KE HA SI N DE KU RE
28 :DNS未登録さん :2011/02/13(日) 22:33:58 ID:???.net >>26 IP変えてくる奴もいるけど、 223.132.1.24は、9千回以上ログに出てくる
29 :DNS未登録さん :2011/02/20(日) 18:16:55.27 ID:???.net 220.105.173.3
30 :DNS未登録さん :2011/02/20(日) 19:15:52.01 ID:???.net p840118.tokynt01.ap.so-net.ne.jp
31 :DNS未登録さん :2011/02/21(月) 21:33:37.73 ID:???.net 苦しくたって 悲しくたって jailの中なら平気なの? …スマソ
32 :DNS未登録さん :2011/02/22(火) 21:54:34.06 ID:???.net 91.121.108.5 [22/Feb/2011:01:49:51 +0900] "GET /scripts/setup.php HTTP/1.1" 404 REF:- 91.121.108.5 [22/Feb/2011:01:49:51 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:- 91.121.108.5 [22/Feb/2011:01:49:52 +0900] "GET /db/scripts/setup.php HTTP/1.1" 404 REF:- 91.121.108.5 [22/Feb/2011:01:49:57 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 91.121.108.5 [22/Feb/2011:01:50:03 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 91.121.108.5 [22/Feb/2011:01:50:09 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 REF:- 91.121.108.5 [22/Feb/2011:01:50:15 +0900] "GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 91.121.108.5 [22/Feb/2011:01:50:21 +0900] "GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 91.121.108.5 [22/Feb/2011:01:50:27 +0900] "GET /web/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:44:30 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:- 89.149.242.190 [22/Feb/2011:02:44:31 +0900] "GET /PHPMYADMIN/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:44:31 +0900] "GET /3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:44:37 +0900] "GET /PMA/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:44:43 +0900] "GET /PMA2005/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:44:52 +0900] "GET /SSLMySQLAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:44:58 +0900] "GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:04 +0900] "GET /admin/pma/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:10 +0900] "GET /admin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:16 +0900] "GET /bbs/data/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:22 +0900] "GET /cpadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:28 +0900] "GET /cpadmindb/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:34 +0900] "GET /cpanelmysql/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:40 +0900] "GET /cpanelphpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:46 +0900] "GET /cpanelsql/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:52 +0900] "GET /cpdbadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:45:58 +0900] "GET /cpphpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:04 +0900] "GET /db/scripts/setup.php HTTP/1.1" 404 REF:-
33 :DNS未登録さん :2011/02/22(火) 21:56:13.08 ID:9vW0beJU.net 89.149.242.190 [22/Feb/2011:02:46:10 +0900] "GET /dbadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:16 +0900] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:22 +0900] "GET /mysql-admin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:28 +0900] "GET /mysql/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:34 +0900] "GET /mysqladmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:35 +0900] "GET /mysqlmanager/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:41 +0900] "GET /p/m/a/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:35 +0900] "GET /mysqladminconfig/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:47 +0900] "GET /pMA/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:53 +0900] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:46:59 +0900] "GET /php-myadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:05 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:11 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:17 +0900] "GET /phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:23 +0900] "GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:29 +0900] "GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:35 +0900] "GET /phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:41 +0900] "GET /phpMyAdmin-2.5.5-rc1config/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:47 +0900] "GET /phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:53 +0900] "GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:47:59 +0900] "GET /phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:05 +0900] "GET /phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:11 +0900] "GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:17 +0900] "GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:23 +0900] "GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:29 +0900] "GET /phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:35 +0900] "GET /phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 REF:-
34 :DNS未登録さん :2011/02/22(火) 21:57:03.09 ID:???.net 89.149.242.190 [22/Feb/2011:02:48:39 +0900] "GET /phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:38 +0900] "GET /phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:45 +0900] "GET /phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:51 +0900] "GET /phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:48:57 +0900] "GET /phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:03 +0900] "GET /phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:09 +0900] "GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:15 +0900] "GET /phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:21 +0900] "GET /phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:27 +0900] "GET /phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:33 +0900] "GET /phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:39 +0900] "GET /phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:45 +0900] "GET /phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:51 +0900] "GET /phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:49:57 +0900] "GET /phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:03 +0900] "GET /phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:09 +0900] "GET /phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:15 +0900] "GET /phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:21 +0900] "GET /phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:27 +0900] "GET /phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:33 +0900] "GET /phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:39 +0900] "GET /phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:43 +0900] "GET /phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:42 +0900] "GET /phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:49 +0900] "GET /phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:50:55 +0900] "GET /phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:01 +0900] "GET /phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:07 +0900] "GET /phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:13 +0900] "GET /phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:19 +0900] "GET /phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
35 :DNS未登録さん :2011/02/22(火) 21:57:43.50 ID:???.net 89.149.242.190 [22/Feb/2011:02:51:25 +0900] "GET /phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:31 +0900] "GET /phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:37 +0900] "GET /phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:43 +0900] "GET /phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:49 +0900] "GET /phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:51:55 +0900] "GET /phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:01 +0900] "GET /phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:07 +0900] "GET /phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:13 +0900] "GET /phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:19 +0900] "GET /phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:25 +0900] "GET /phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:31 +0900] "GET /phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:37 +0900] "GET /phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:43 +0900] "GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:46 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:46 +0900] "GET /phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:52 +0900] "GET /phpMyAdmin2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:52:58 +0900] "GET /phpadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:04 +0900] "GET /phpmanager/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:10 +0900] "GET /phpmy-admin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:16 +0900] "GET /phpmya/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:22 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:28 +0900] "GET /phpmyadmin1/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:34 +0900] "GET /phpmyadmin2/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:40 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:46 +0900] "GET /pma2005/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:52 +0900] "GET /roundcube/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:53:58 +0900] "GET /scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:04 +0900] "GET /sl2/data/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:10 +0900] "GET /sqladmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:16 +0900] "GET /sqlmanager/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:22 +0900] "GET /sqlweb/scripts/setup.php HTTP/1.1" 404 REF:-
36 :DNS未登録さん :2011/02/22(火) 21:59:23.54 ID:???.net 89.149.242.190 [22/Feb/2011:02:54:28 +0900] "GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:34 +0900] "GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:40 +0900] "GET /web/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:46 +0900] "GET /webadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:50 +0900] "GET /webdb/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:50 +0900] "GET /websql/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:54:56 +0900] "GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:55:02 +0900] "GET /~/PMA/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:55:08 +0900] "GET /~/admin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:55:14 +0900] "GET /~/myadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:55:20 +0900] "GET /~/phpadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:55:26 +0900] "GET /~/phpmanager/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:55:32 +0900] "GET /~/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 89.149.242.190 [22/Feb/2011:02:55:38 +0900] "GET :2086/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 400 REF:- 89.149.242.190 [22/Feb/2011:02:55:44 +0900] "GET :2087/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 400 REF:- 89.149.242.190 [22/Feb/2011:02:55:50 +0900] "GET :81/phpmyadmin/scripts/setup.php HTTP/1.1" 400 REF:- アタックなんて映画の中だけの話だと思ってました
37 :DNS未登録さん :2011/02/22(火) 22:05:32.86 ID:???.net ついでにユーザエージェント UA:ZmEu
38 :DNS未登録さん :2011/02/22(火) 23:08:38.12 ID:???.net phpmyadminが大好きなんだろうな i125-202-167-50.s10.a029.ap.plala.or.jp
39 :DNS未登録さん :2011/02/24(木) 21:58:15.25 ID:???.net 89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:58 +0900] "GET //admin/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //dbadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:00 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //phpadmin/ HTTP/1.1" 403 211 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:02 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //phpdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //db/ HTTP/1.1" 403 205 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:04 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //SQL/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //padmin/ HTTP/1.1" 403 209 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:06 +0900] "GET //pmadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 89.106.13.209 - - [24/Feb/2011:03:09:07 +0900] "GET //webdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 既出かな?
40 :DNS未登録さん :2011/02/24(木) 22:11:25.93 ID:???.net 既出っていうか、もう手当たり次第って感じだな でも、うちには何週間か来てない
41 :DNS未登録さん :2011/02/25(金) 00:34:28.24 ID:???.net pma関係は来るときはドカッとくる
42 :DNS未登録さん :2011/02/26(土) 04:05:39.00 ID:???.net ::1 - - [25/Feb/2011:04:07:33 +0900] "OPTIONS * HTTP/1.0" 200 - "-" "Apache (internal dummy connection)" 手前は節穴か
43 :DNS未登録さん :2011/02/26(土) 04:09:43.91 ID:???.net 77.222.43.19 - - [25/Feb/2011:22:57:37 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //MyAdmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:41 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:44 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" 77.222.43.19 - - [25/Feb/2011:22:57:45 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro" mod_geoipで弾いてるから実害無いが また来てやがる
44 :DNS未登録さん :2011/02/26(土) 05:51:42.63 ID:???.net //っていうのがうざいよね。 馬鹿なのって思うわ。
45 :DNS未登録さん :2011/02/26(土) 13:30:12.86 ID:???.net いや、馬鹿なんでしょ。
46 :DNS未登録さん :2011/02/27(日) 16:08:26.13 ID:???.net 195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin/scripts/setup.php HTTP/1.1 404 226 195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin1/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:38:53 +0900] GET //phpMyAdmin-2/scripts/setup.php HTTP/1.1 404 228 195.7.10.56 [26/Feb/2011:13:38:54 +0900] GET //phpadmin/scripts/setup.php HTTP/1.1 404 224 195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin/scripts/setup.php HTTP/1.1 404 226 195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin.old/scripts/setup.php HTTP/1.1 404 230 195.7.10.56 [26/Feb/2011:13:38:56 +0900] GET //old.phpmyadmin/scripts/setup.php HTTP/1.1 404 230 195.7.10.56 [26/Feb/2011:13:38:57 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin-2/scripts/setup.php HTTP/1.1 404 228 195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:38:59 +0900] GET //phpmyadmin2/scripts/setup.php HTTP/1.1 404 227 195.7.10.56 [26/Feb/2011:13:39:00 +0900] GET //pma/scripts/setup.php HTTP/1.1 404 219 とか 46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //lists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 219 46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //newsletter/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 224 46.4.50.141 [27/Feb/2011:03:17:48 +0900] GET //news/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 218 46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phplist/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221 46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phpList/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221 46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 213 46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //phplist/lsts/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 226 46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //phplists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 222 46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //list/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 212 のが 1日1回くらい記録されているかなぁ。 SSHDにもやってくる。 reverse mapping checking getaddrinfo for 122.3.134.131.pldt.net [122.3.134.131] failed - POSSIBLE BREAK-IN ATTEMPT! : 202 time(s) reverse mapping checking getaddrinfo for 178-162-164-39.local [178.162.164.39] failed - POSSIBLE BREAK-IN ATTEMPT! : 55 time(s) Address 64.235.57.228 maps to lasvegas-nv-datacenter.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
47 :DNS未登録さん :2011/02/28(月) 22:14:22.15 ID:???.net >>46 これうちにも来てる
48 :DNS未登録さん :2011/03/05(土) 15:39:34.86 ID:???.net # ping localhost # rm -rf /
49 :DNS未登録さん :2011/03/10(木) 22:18:38.98 ID:???.net メールサーバへの攻撃 113.244.196.159 1日1万通以上はじいてるのに懲りないww
50 :DNS未登録さん :2011/03/20(日) 00:41:50.31 ID:???.net 193.252.15.94 lputeaux-151-43-28-94.w193-252.abo.wanadoo.fr 89.2.94.115 ip-115.net-89-2-94.rev.numericable.fr
51 :162.78.3.110.ap.yournet.ne.jp :2011/03/20(日) 17:21:36.83 ID:Pnurn98q.net 162.78.3.110.ap.yournet.ne.jpなんやて
52 :DNS未登録さん :2011/03/21(月) 00:15:55.40 ID:???.net 74.3.202.84 - - [20/Mar/2011:08:01:18 +0900] "HEAD /phpmyadmintting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3" 74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //phpMyAdmin/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3" 74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //admin/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3" 74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //mysql/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3" 74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //phpmyadmin2/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3" 74.3.202.84 - - [20/Mar/2011:08:01:20 +0900] "HEAD /epgrec/envSetting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3" PMANと結婚しろ
53 :DNS未登録さん :2011/04/05(火) 07:11:23.24 ID:???.net 昨夜21時過ぎからSMTP鯖へ2~3秒毎に延々アタック > "2011-04-04 21:15:49","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:15:51","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:15:53","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:15:55","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:15:57","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:00","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:02","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:04","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:06","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:08","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:10","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:12","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:14","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:16","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" > "2011-04-04 21:16:18","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0","" 以下略
54 :DNS未登録さん :2011/04/11(月) 11:18:44.32 ID:???.net なんか見慣れないものがあった > 2011/04/10,07:49:13,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/","","1.1",200,8097 > 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
55 :DNS未登録さん :2011/04/11(月) 11:19:48.80 ID:???.net > 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
56 :DNS未登録さん :2011/04/11(月) 11:21:00.04 ID:???.net > 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077 > 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
57 :DNS未登録さん :2011/04/14(木) 08:14:18.70 ID:???.net 49.212.19.24 www1230ub.sakura.ne.jp 49.212.21.126 www1102ud.sakura.ne.jp
58 :DNS未登録さん :2011/05/03(火) 08:53:30.11 ID:qckZg2K9.net 41.89.28.4 - - [30/Apr/2011:14:35:13 +0900] "GET /webdav/test HTTP/1.1" 404 289 "-" "-" 217.243.187.36 - - [30/Apr/2011:23:45:49 +0900] "GET /webdav/test HTTP/1.1" 404 289 "-" "-" 81.201.60.163 - - [02/May/2011:05:29:09 +0900] "GET /sd/1M HTTP/1.1" 404 280 "-" "-" 195.246.217.24 - - [03/May/2011:07:51:26 +0900] "GET /user/soapCaller.bs HTTP/1.1" 404 296 "-" "Morfeus Fucking Scanner"
59 :DNS未登録さん :2011/05/04(水) 17:04:25.73 ID:qh2JvQDF.net 123.30.109.21 - - [04/May/2011:17:00:57 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:00:57 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:00:58 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:01:06 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:01:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:01:07 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu" 123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu"
60 :DNS未登録さん :2011/05/04(水) 17:20:17.91 ID:???.net 46.28.109.24 [2011.4/03-12:12:23 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:23 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:29 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:24 +0900] "GET //admin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:35 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:41 +0900] "GET //mysql/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:47 +0900] "GET //mysqladmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:53 +0900] "GET //phpadmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:12:59 +0900] "GET //pma/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:13:05 +0900] "GET //phpdb/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:13:11 +0900] "GET //db/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:13:17 +0900] "GET //mysqladmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:13:23 +0900] "GET //SQL/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:13:29 +0900] "GET //padmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:13:35 +0900] "GET //pmadmin/ HTTP/1.1" 404 REF:- 46.28.109.24 [2011.4/03-12:13:41 +0900] "GET //webdb/ HTTP/1.1" 404 REF:-
61 :DNS未登録さん :2011/05/04(水) 17:24:36.71 ID:???.net 113.140.75.222 [2011.4/03-19:45:58 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:45:59 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:46:00 +0900] "GET //pma/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:46:05 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:46:11 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:46:17 +0900] "GET //phppgadmin/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:46:23 +0900] "GET //PMA/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:46:29 +0900] "GET //admin/ HTTP/1.1" 404 REF:- 113.140.75.222 [2011.4/03-19:46:35 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:- 212.58.96.55 [2011.4/13-01:55:54 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:- 212.58.96.55 [2011.4/13-01:55:54 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:- 212.58.96.55 [2011.4/13-01:55:55 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:- 212.58.96.55 [2011.4/13-01:56:01 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:- 212.58.96.55 [2011.4/13-01:56:07 +0900] "GET //pma/ HTTP/1.1" 404 REF:- 212.58.96.55 [2011.4/13-01:56:13 +0900] "GET //mysql/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:03 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:04 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:05 +0900] "GET //pma/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:10 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:16 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:22 +0900] "GET //phppgadmin/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:28 +0900] "GET //PMA/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:34 +0900] "GET //admin/ HTTP/1.1" 404 REF:- 58.83.227.150 [2011.4/13-22:18:41 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:- 123.30.109.21 [2011.4/20-13:22:53 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 123.30.109.21 [2011.4/20-13:22:52 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 123.30.109.21 [2011.4/30-00:16:47 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:- 123.30.109.21 [2011.4/30-00:16:48 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 123.30.109.21 [2011.4/30-00:16:48 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 113.57.252.72 [2011.5/04-11:08:05 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 113.57.252.72 [2011.5/04-11:08:05 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:- 113.57.252.72 [2011.5/04-11:08:06 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 113.57.252.72 [2011.5/04-11:08:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 113.57.252.72 [2011.5/04-11:08:12 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
62 :DNS未登録さん :2011/05/05(木) 14:25:19.93 ID:???.net phpadminの何を狙ってるんだろう?
63 :DNS未登録さん :2011/05/05(木) 18:24:15.73 ID:GKw/2hw5.net phpMyAdminのsetup.phpのセキュリティホールで任意のコマンドが実行できるらしい http://www.nttdata-sec.co.jp/article/vulner/pdf/report20090615.pdf
64 :DNS未登録さん :2011/05/05(木) 21:15:53.74 ID:9a2Rswqc.net http://metalgeargadaisuki.blog6.fc2.com/
65 :DNS未登録さん :2011/05/05(木) 21:59:47.81 ID:GKw/2hw5.net googlebotから謎のアクセス なんだこれ。。。 66.249.69.28 - - [05/May/2011:20:52:21 +0900] "GET /upload/viewer_board/wdviewer.exe HTTP/1.1" 404 315 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) " 66.249.69.28 - - [05/May/2011:20:52:24 +0900] "GET /upload/viewer_board/HwpViewer2007.exe HTTP/1.1" 404 320 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) " 66.249.67.73 - - [05/May/2011:20:52:24 +0900] "GET /upload/viewer_board/AdbeRdr70_kor_full.exe HTTP/1.1" 404 325 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) " 66.249.69.28 - - [05/May/2011:20:52:25 +0900] "GET /upload/viewer_board/Hunv2k.exe HTTP/1.1" 404 313 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) "
66 :DNS未登録さん :2011/05/05(木) 22:23:16.36 ID:???.net GooglebotってそんなUAだったか?
67 :DNS未登録さん :2011/05/06(金) 05:46:41.50 ID:???.net そうだよ
68 :DNS未登録さん :2011/05/06(金) 08:09:26.86 ID:???.net 1年前に削除したKENTWEBのcgiに向かって、今でも毎日数十アクセスある。 apacheのアクセスログもエラーログも、404やら、File does not existのエラーメッセージでいっぱいwww IP分散SEOの業者だと思うが、IPをランダム変化させながら広告を発射してくるので、iptablesに都度登録するスクリプトいれても 全くもってリソースの無駄。指定したアドレス(削除されたcgi)にアクセスしたIPはDROPするよう自動登録してるが、もう9000件を超えて iptablesに食わせる、こっちのメモリリソースが無駄な気がしてきた。 最近のご丁寧に、リファラも指定して打ち込んでくるようになった。殺すぞwwwwww http://link.iclub.to/0791597/ http://link.iclub.to/0933/ http://link.iclub.to/13571357/ http://link.iclub.to/nasato/ http://link.iclub.to/neko38/ http://link2.iclub.to/0762609/ http://link3.iclub.to/2264770/ http://link3.iclub.to/2889785/ http://link3.iclub.to/36912/ http://link4.iclub.to/kabu/ http://link6.iclub.to/uru80ta/
69 :DNS未登録さん :2011/05/21(土) 03:51:47.10 ID:???.net 113.33.224.197 ftpアタきたんだけど、リモートデスクトップ開放してるが大丈夫なのかこれ
70 :DNS未登録さん :2011/05/21(土) 22:00:06.50 ID:???.net 208.51.40.50 ずーとポートスキャンしてきてた このIPアドレスを調べたら中国の新聞(?)サイトらしき所に行き着いたけれど、クラックでもされてるんかな
71 :DNS未登録さん :2011/06/16(木) 12:49:35.68 ID:???.net 85.25.131.109 - - [16/Jun/2011:03:21:39 +0900] "GET /admin/Y-ivrrecording.php?php=info&ip=uname HTTP/1.1" 404 385 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9) Gecko/2008052906 Firefox/3.0" 最近、3日おきぐらいにY-ivrrecording.phpへのアクセスしてくるようになった そんなファイル置いてないけど
72 :DNS未登録さん :2011/06/17(金) 12:29:38.41 ID:???.net 今こいつが来とる 66.241.100.228 内容は>>61 と同じ
73 :DNS未登録さん :2011/06/18(土) 10:11:08.72 ID:/Zs3Wyia.net 182.164.91.73
74 :戦士カンガイバー ◆DMLinuxPbA :2011/06/18(土) 19:13:40.51 ID:???.net 新たなインジェクション攻撃、すでに3万サイトが感染か http://hibari.2ch.net/test/read.cgi/pcnews/1308317712/
75 :DNS未登録さん :2011/07/05(火) 20:50:58.46 ID:???.net 219.135.253.80(80.253.135.219.broad.gz.gd.dynamic.163data.com.cn) 中国から FTPにAdministratorでログインしようとしてた
76 :DNS未登録さん :2011/07/07(木) 21:05:14.45 ID:???.net 114.173.176.253 p17253-ipngn100102okayamaima.okayama.ocn.ne.jp 114.174.207.4 p12004-ipngn100105osakakita.osaka.ocn.ne.jp 114.174.253.34 p14034-ipngn100108osakakita.osaka.ocn.ne.jp 114.173.15.191 p12191-ipngn100403kobeminato.hyogo.ocn.ne.jp 114.173.137.79 p18079-ipngn100204niho.hiroshima.ocn.ne.jp 1日20〜30回TCP445への接続を試みてくる そろそろうざい
77 :DNS未登録さん :2011/07/10(日) 11:30:43.71 ID:???.net 一日50〜120くらいftpにattackくるな swatchで叩き落としてるが
78 :DNS未登録さん :2011/07/12(火) 20:08:52.57 ID:???.net 次スレのスレタイはこうなるの? アタックNo2してきたIPを晒すスレ
79 :DNS未登録さん :2011/07/14(木) 12:51:48.45 ID:???.net アタックチャンス
80 :DNS未登録さん :2011/07/15(金) 23:12:58.75 ID:???.net 適当なところが見つからなかったんで。最近になって、 125.175.54.138 - - [15/Jul/2011:03:32:55 +0900] "GET /you/new.htm HTTP/1.1" 200 55472 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" 125.175.54.138 - - [15/Jul/2011:03:32:56 +0900] ↑ 125.175.54.138 - - [15/Jul/2011:03:32:56 +0900] ↑ 125.175.54.138 - - [15/Jul/2011:03:35:02 +0900] ↑ 125.175.54.138 - - [15/Jul/2011:03:35:03 +0900] ↑ 125.175.54.138 - - [15/Jul/2011:03:35:03 +0900] ↑ ・・・以下延々と続く・・・ というログが目に付くようになった。ソースIPは日本国内。 アクセス先のURLは正しいURLなんだが、中に張ってある画像へのアクセスはなく、 このページだけ何度もアクセスしてくる。refererもなし。 特徴として、必ず3回ひとまとめでアクセスがあって、 その後100秒〜200秒して次のアクセスがある。 ・・・なんだろう? これ。
81 : 忍法帖【Lv=19,xxxPT】 :2011/07/16(土) 03:55:54.68 ID:???.net 31.25.136.18 - - [21/Jun/2011:19:48:48 +0900] "GET /admin/Y-ivrrecording.php?php=info&ip=uname HTTP/1.1" 403 1506 193.227.186.153 - - [21/Jun/2011:14:05:16 +0900] "GET /admin/config.php HTTP/1.1" 403 1506 この2つのPHPに最近よくアクセスくるな。 置いてないのに。 JPまたは逆引き出来ないHOSTからは弾いてるんだけど、404返したほうがいいのかな
82 :DNS未登録さん :2011/07/17(日) 05:23:37.95 ID:???.net >>80 URLから察するに、何かの更新情報とかを書いてるページ? だとしたらスクレイピング目的のアクセスだと思う 実際どんなページなのかわからんから憶測だけど、たぶん悪意はないと思うよ >>81 その手のはbotだから404返したところで無意味
83 :80 :2011/07/17(日) 20:59:14.77 ID:???.net >>82 更新情報と、あとリンク集のページにも似たようなアクセスがある。 意外に、referer spamばら撒くプログラムが動いてるけど、 セキュリティソフトがreferer止めてるとか・・・。 でもreferer spamはもうちょっと挙動が違うんだよな。
84 :DNS未登録さん :2011/07/18(月) 18:07:19.66 ID:???.net リファラスパムにしては間隔がきっちりしすぎてると思う… 試しにHTMLの構造変えて様子見してみ それでペースが崩れたり人の手でアクセスしてくるような痕跡があるかどうか
85 :DNS未登録さん :2011/08/02(火) 01:42:48.19 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:34:52 +0900] "GET //scripts/setup.php HTTP/1.1" 404 215 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:52 +0900] "GET //admin/scripts/setup.php HTTP/1.1" 404 221 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //admin/pma/scripts/setup.php HTTP/1.1" 404 225 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //db/scripts/setup.php HTTP/1.1" 404 218 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //dbadmin/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //mysql/scripts/setup.php HTTP/1.1" 404 221 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //phpadmin/scripts/setup.php HTTP/1.1" 404 224 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin1/scripts/setup.php HTTP/1.1" 404 227 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin2/scripts/setup.php HTTP/1.1" 404 227 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //pma/scripts/setup.php HTTP/1.1" 404 219 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 230 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //web/scripts/setup.php HTTP/1.1" 404 219 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //php-my-admin/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
86 :DNS未登録さん :2011/08/02(火) 01:43:02.02 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //websql/scripts/setup.php HTTP/1.1" 404 222 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 228 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //php-my-admin/scripts/setup.php HTTP/1.1" 404 228 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 239 "-" "-"
87 :DNS未登録さん :2011/08/02(火) 01:43:14.21 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
88 :DNS未登録さん :2011/08/02(火) 01:43:38.88 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
89 :DNS未登録さん :2011/08/02(火) 01:44:10.19 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.8.2.3/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.8.2.4/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.10.0.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.10.0.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.0.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.1.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.2.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.0.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.1.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.1.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.1.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
90 :DNS未登録さん :2011/08/02(火) 01:44:28.84 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.3.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.4.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.5.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.5.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.5.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.6.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.7.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.7.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.8.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.9.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.3/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-2.11.9.4/scripts/setup.php HTTP/1.1" 404 235 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.0.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.1.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.1.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.0.2.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
91 :DNS未登録さん :2011/08/02(火) 01:44:45.31 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.1.0.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.1.1.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-3.1.2.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-3.1.3.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-2.9.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //phpMyAdmin-2.9.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //sqlmanager/scripts/setup.php HTTP/1.1" 404 226 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //mysqlmanager/scripts/setup.php HTTP/1.1" 404 228 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //p/m/a/scripts/setup.php HTTP/1.1" 404 221 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //PMA2005/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //pma2005/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //pma2006/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2007/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2008/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2009/scripts/setup.php HTTP/1.1" 404 223 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //phpmanager/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
92 :DNS未登録さん :2011/08/02(火) 01:45:10.57 ID:???.net 68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //php-myadmin/scripts/setup.php HTTP/1.1" 404 227 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //phpmy-admin/scripts/setup.php HTTP/1.1" 404 227 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //webadmin/scripts/setup.php HTTP/1.1" 404 224 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //sqlweb/scripts/setup.php HTTP/1.1" 404 222 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //websql/scripts/setup.php HTTP/1.1" 404 222 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //webdb/scripts/setup.php HTTP/1.1" 404 221 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //mysql-admin/scripts/setup.php HTTP/1.1" 404 227 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //databaseadmin/scripts/setup.php HTTP/1.1" 404 229 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:37 +0900] "GET //admm/scripts/setup.php HTTP/1.1" 404 220 "-" "-" 68.169.42.240 - - [30/Jul/2011:23:35:37 +0900] "GET //admn/scripts/setup.php HTTP/1.1" 404 220 "-" "-" 歴代PHPMyAdmin探してるっぽい
93 :DNS未登録さん :2011/08/02(火) 10:18:21.08 ID:???.net >>92 おまえ、気持ち悪い
94 :DNS未登録さん :2011/08/02(火) 18:05:07.82 ID:???.net 意味不明ワロチ
95 :DNS未登録さん :2011/08/02(火) 23:27:35.19 ID:???.net >>93 お前馬鹿かスレタイ100回音読しろ >>85-92 は文字量は多いが アタックのやってきた様子もよくわかる。だから価値アリで問題なし。 ∩___∩ \ヽ | ノ ヽ \ \ヽ / ● ● | ヽ ヽ \ | ( _●_) ミ i l ヽ 彡、 |∪| ノ i l l i / _ ヽノ ) l i | l (___) / / ,,-----、 / / |;:::: ::::| ⊂二(⌒ )二二二|;:::: ::::|⊃ /', ', ¨  ̄ ヽ∴。|;::::',ヾ,::::| /。・,/∴ -:'ヾ|!|!!,i,,!ii,!l,・∵,・、 >>93
96 :DNS未登録さん :2011/08/04(木) 15:30:50.60 ID:???.net phpMyAdminアタックが多いわ
97 :DNS未登録さん :2011/08/11(木) 00:07:30.07 ID:???.net 外からのアタックではないんだが・・・BINDのスレはあるけど、 DNS全般のスレはなさそうだったので(なくなっちゃった?)。 構内のPCがDNSキャッシュに対して、 ランダム文字列.DHCPの返したドメイン というクエリを3回続けて出してるログが・・・。 1日数回やらかすこともあれば、やらかなさない日もある。 何がトリガになっているのかも分からない。 もちろんNXDOMAINが返るんだが、カミンスキーでもなさそうだし。 今のところ実害はないけど、なんかちょっと気持ち悪い。 何かご存知の方、いらっしゃいます?
98 :DNS未登録さん :2011/08/13(土) 10:00:34.54 ID:???.net おまえ宇宙人だろ、地球の言葉で書け
99 :DNS未登録さん :2011/08/14(日) 00:38:20.63 ID:mNJmTQUE.net おまえ地球人だろ、宇宙人の言葉で書け
100 :DNS未登録さん :2011/08/15(月) 01:57:14.43 ID:???.net 202.75.211.206 [2011.8/14-22:06:33 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 202.75.211.206 [2011.8/14-22:06:33 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:- 202.75.211.206 [2011.8/14-22:06:33 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:- 202.75.211.206 [2011.8/14-22:06:36 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:- 202.75.211.206 [2011.8/14-22:06:39 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:- 202.75.211.206 [2011.8/14-22:06:40 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
146 KB
新着レスの表示
掲示板に戻る
全部
前100
次100
最新50
read.cgi ver 2014.07.20.01.SC 2014/07/20 D ★
本文 スレッドタイトル 投稿者