1read 100read
2011年11月2期自宅サーバ19: アタックNo1してきたIPを晒すスレ (106) TOP カテ一覧 スレ一覧 2ch元 削除依頼

アタックNo1してきたIPを晒すスレ


1 :11/02/01 〜 最終レス :11/11/03
涙が出ちゃう

2 :
212.83.42.101 WEBの常連さん。
MyAdmin myadmin mysql phpMyAdmin phpmyadmin pma webdav geeklog/bbs/fckeditor/editor
その他色々なフォルダを探して手当たりしだいアクセス、sshのログインも一生懸命してくる

3 :
>>2
IP毎回違うけど、うちにもphpMyAdminとかpmaとか探しに何回も来てるよ

4 :
phpMyAdminは多いいね。 それ以外はロボットばっかり

5 :
Feb 1 20:53:36 192 sshd[30181]: refused connect from ::ffff:221.206.130.3 (::ffff:221.206.130.3)
Feb 1 21:50:22 192 sshd[30308]: refused connect from ::ffff:221.206.130.3 (::ffff:221.206.130.3)
Feb 1 23:10:01 192 sshd[30585]: refused connect from ::ffff:61.163.56.24 (::ffff:61.163.56.24)
Feb 1 23:50:12 192 sshd[30654]: refused connect from ::ffff:61.163.56.24 (::ffff:61.163.56.24)
Feb 2 00:20:23 192 sshd[30768]: refused connect from ::ffff:60.12.11.62 (::ffff:60.12.11.62)
Feb 2 01:54:23 192 sshd[30957]: refused connect from ::ffff:128.226.170.170 (::ffff:128.226.170.170)
Feb 2 04:37:54 192 sshd[31317]: refused connect from ::ffff:202.205.176.115 (::ffff:202.205.176.115)
SSHのポートを22から変えたら全く来なくなったけど、試しに22に戻したらまた来た。
22が開いてるところしか狙ってないのかな。

6 :
うちもphpMyAdmin関係は多い
# cat /var/log/httpd/access_log | grep 110.172.52.5 | wc -l
951

7 :
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 228
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:01 +0900] "GET /phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:01 +0900] "GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:04 +0900] "GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:04 +0900] "GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 238
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 239
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 238
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 238
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:07 +0900] "GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:07 +0900] "GET /phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:09 +0900] "GET /phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:22 +0900] "GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 232
こういう奴か

8 :
こいつ アタックNO1w
FNAfb-09p2-253.ppp11.odn.ad.jp

9 :
91.121.243.113
>7と同じ。phpMyAdmin関係総なめ

10 :
>2
sshdは、denyhostお勧め。
アタックしてきたアドレスを、自動でブロックしてくれる。
我が家の現状:
% egrep ^sshd /etc/hosts.deny | wc -l
1100

11 :
apacheってリクエストがないとログ記録されないっけ

12 :
            ,, -――-、         |    アタックチャンス !!
            //ヾソ)),il|,);r、.    人
          /";彡`ヾド!ソツノ゙ミヾ、      ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄
           i;彡   _ _   ミ. i
         ,i;;;彡 ,.,._ .  :_..、ヾ/
         i:yv. ´;.。.、`; ;。:、 リ
         ヽ`i  、 _;ノ,: i、:_,. !
         `| ,__、,.r、_.bヽ. ,′
        /r´.三ミD‐-;→;ソ
    , : -´ ̄|::::|´^, r〕!Ξ´.ノ‐- 、.
  /::::::::::::::::ヽノ   )´、:_丿|::\:::::::`‐-、.
./ :::::::\_:::::::∧ , _.∧ ./.ヽ !:::::::ヽ:::::::::|:`,

13 :
googleのbotしかこねー

14 :
61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /roundcubemail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /rc/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /webmail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /roundcube/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /mail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
phpMyAdmin以外に、こんな奴も最近来るようになった

15 :
これは何がしたいんだ

16 :
http://www.ipa.go.jp/security/fy21/reports/tech1-tg/a_07.html
Roundcube

17 :
これは何がしたいんだ

18 :
単純にroundcubeを置いてるかどうか探してるんでしょ
roundcube使ったことないから知らないけど、phpMyAdminみたいにセキュリティホールあるんじゃないの?

19 :
先月はこんな感じ。去年に比べてだいぶ減ったなぁ。
http://uproda.2ch-library.com/3421976IH/lib342197.jpg

20 :
>>14と全く同じのが来てた
日時もほぼ同じ
あとこんなのとか
67.205.111.77 (5rreo.com)
Date,Time,Method,URL,Query,HTTP,Status,Size,Referer,Keyword,Agent
2011/02/04,03:15:23,GET,"/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:24,GET,"/cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:25,GET,"/zen-cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:25,GET,"/zencart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:26,GET,"/zen/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:27,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:27,GET,"/shop/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:28,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:28,GET,"/zcart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:29,GET,"/catalog/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:29,GET,"/shop2/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:30,GET,"/boutique/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:31,GET,"/store/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"

21 :
http://members3.jcom.home.ne.jp/rising-sun/
こちらにURLを掲載されてから、スパマーが大挙して書き込みに来るようになりました。
それまで5hot/月くらいだったので、どうやって俺のサイトを見つけたのか不思議です。

22 :
馬鹿サイトサーチャーに引っかかったんじゃねw あほかと

23 :
>>21
馬鹿だろ?
自しなさい

24 :
5分から数時間周期で、うちの掲示板を爆撃してくれてるIPの方々
125-14-198-192.rev.home.ne.jp
155.215.232.111.ap.yournet.ne.jp
173.60.112.219.ap.yournet.ne.jp
182-167-50-41f1.kyt1.eonet.ne.jp
36.76.44.61.ap.yournet.ne.jp
55.223.183.58.megaegg.ne.jp
fa211-113.infoaomori.ne.jp
fe219-224.infoaomori.ne.jp
gd202157012064.u31.kcn-tv.ne.jp
i121-115-10-40.s05.a002.ap.plala.or.jp
i60-34-249-28.s05.a002.ap.plala.or.jp
kd111098033213.ppp-bb.dion.ne.jp
nttkyo787161.tkyo.nt.ftth.ppp.infoweb.ne.jp
p1208-ipbf11matuyama.ehime.ocn.ne.jp
p2176-ipbf31osakakita.osaka.ocn.ne.jp
p2220-ipbf217hodogaya.kanagawa.ocn.ne.jp
p4001-ipbf506okidate.aomori.ocn.ne.jp
p4043-ipbfp505oomichi.oita.ocn.ne.jp
p6107-ipad24osakakita.osaka.ocn.ne.jp
fe219-224.infoaomori.ne.jp
gd202157012064.u31.kcn-tv.ne.jp
i121-115-10-40.s05.a002.ap.plala.or.jp
i60-34-249-28.s05.a002.ap.plala.or.jp
kd111098033213.ppp-bb.dion.ne.jp
nttkyo787161.tkyo.nt.ftth.ppp.infoweb.ne.jp
p1208-ipbf11matuyama.ehime.ocn.ne.jp
p2176-ipbf31osakakita.osaka.ocn.ne.jp
p2220-ipbf217hodogaya.kanagawa.ocn.ne.jp
p4001-ipbf506okidate.aomori.ocn.ne.jp
p4043-ipbfp505oomichi.oita.ocn.ne.jp
p6107-ipad24osakakita.osaka.ocn.ne.jp
pd9c147.aicint01.ap.so-net.ne.jp
softbank126028210215.bbtec.net
z130201.dynamic.ppp.asahi-net.or.jp

25 :
今日のエロPOST
110.4.130.201 111.232.215.155
112.136.113.83 113.146.93.230
113.197.189.143 114.168.207.139
114.170.128.214 114.184.9.220
118.104.172.220 118.104.179.201
118.109.143.39 118.8.38.149
118.9.220.244 119.106.141.196
119.171.129.173 119.240.104.41
121.110.118.125 121.112.239.228
121.84.232.185 121.87.9.57
121.94.255.149 122.132.10.123
122.135.162.147 123.220.39.220
124.147.111.65 124.214.165.15
124.24.204.121 124.96.171.120
124.96.52.43 125.14.198.192
125.204.241.189 125.207.20.146
126.127.166.209 126.131.28.248
126.14.122.149 150.70.75.161
180.131.90.82
180.144.58.187
180.221.227.142
180.5.197.245
182.167.80.18
182.168.195.197
183.76.79.10
202.157.12.64
202.226.208.164
202.226.214.49
211.2.66.140
216.104.15.130
216.104.15.134
216.104.15.138
216.104.15.142
218.231.172.112
219.111.124.66
219.112.60.122
219.8.100.11
220.56.10.183
221.190.78.15
221.20.34.163
222.144.50.1
222.226.145.26
58.0.105.152
58.169.234.43
58.183.5.68
58.188.233.9
60.237.4.90
60.239.223.164
60.39.34.90
61.210.188.161
61.44.54.37
61.46.27.183
61.89.161.187
61.89.165.136

26 :
上の奴へ
ポスト系は、IP変えながら投げるツールが腐るほどあるから
いくら晒しても無駄だと思われ。
ツール使えば月50万くらいは稼げるぞw

27 :
MA
NU
KE
HA
SI
N
DE
KU
RE

28 :
>>26
IP変えてくる奴もいるけど、
223.132.1.24は、9千回以上ログに出てくる

29 :
220.105.173.3

30 :
p840118.tokynt01.ap.so-net.ne.jp

31 :
苦しくたって 悲しくたって jailの中なら平気なの?
…スマソ

32 :
91.121.108.5 [22/Feb/2011:01:49:51 +0900] "GET /scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:49:51 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
91.121.108.5 [22/Feb/2011:01:49:52 +0900] "GET /db/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:49:57 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:03 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:09 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:15 +0900] "GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:21 +0900] "GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:27 +0900] "GET /web/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:30 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
89.149.242.190 [22/Feb/2011:02:44:31 +0900] "GET /PHPMYADMIN/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:31 +0900] "GET /3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:37 +0900] "GET /PMA/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:43 +0900] "GET /PMA2005/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:52 +0900] "GET /SSLMySQLAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:58 +0900] "GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:04 +0900] "GET /admin/pma/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:10 +0900] "GET /admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:16 +0900] "GET /bbs/data/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:22 +0900] "GET /cpadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:28 +0900] "GET /cpadmindb/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:34 +0900] "GET /cpanelmysql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:40 +0900] "GET /cpanelphpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:46 +0900] "GET /cpanelsql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:52 +0900] "GET /cpdbadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:58 +0900] "GET /cpphpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:04 +0900] "GET /db/scripts/setup.php HTTP/1.1" 404 REF:-

33 :
89.149.242.190 [22/Feb/2011:02:46:10 +0900] "GET /dbadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:16 +0900] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:22 +0900] "GET /mysql-admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:28 +0900] "GET /mysql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:34 +0900] "GET /mysqladmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:35 +0900] "GET /mysqlmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:41 +0900] "GET /p/m/a/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:35 +0900] "GET /mysqladminconfig/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:47 +0900] "GET /pMA/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:53 +0900] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:59 +0900] "GET /php-myadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:05 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:11 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:17 +0900] "GET /phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:23 +0900] "GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:29 +0900] "GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:35 +0900] "GET /phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:41 +0900] "GET /phpMyAdmin-2.5.5-rc1config/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:47 +0900] "GET /phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:53 +0900] "GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:59 +0900] "GET /phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:05 +0900] "GET /phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:11 +0900] "GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:17 +0900] "GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:23 +0900] "GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:29 +0900] "GET /phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:35 +0900] "GET /phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 REF:-

34 :
89.149.242.190 [22/Feb/2011:02:48:39 +0900] "GET /phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:38 +0900] "GET /phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:45 +0900] "GET /phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:51 +0900] "GET /phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:57 +0900] "GET /phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:03 +0900] "GET /phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:09 +0900] "GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:15 +0900] "GET /phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:21 +0900] "GET /phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:27 +0900] "GET /phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:33 +0900] "GET /phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:39 +0900] "GET /phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:45 +0900] "GET /phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:51 +0900] "GET /phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:57 +0900] "GET /phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:03 +0900] "GET /phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:09 +0900] "GET /phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:15 +0900] "GET /phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:21 +0900] "GET /phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:27 +0900] "GET /phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:33 +0900] "GET /phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:39 +0900] "GET /phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:43 +0900] "GET /phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:42 +0900] "GET /phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:49 +0900] "GET /phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:55 +0900] "GET /phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:01 +0900] "GET /phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:07 +0900] "GET /phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:13 +0900] "GET /phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:19 +0900] "GET /phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 REF:-

35 :
89.149.242.190 [22/Feb/2011:02:51:25 +0900] "GET /phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:31 +0900] "GET /phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:37 +0900] "GET /phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:43 +0900] "GET /phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:49 +0900] "GET /phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:55 +0900] "GET /phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:01 +0900] "GET /phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:07 +0900] "GET /phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:13 +0900] "GET /phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:19 +0900] "GET /phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:25 +0900] "GET /phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:31 +0900] "GET /phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:37 +0900] "GET /phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:43 +0900] "GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:46 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:46 +0900] "GET /phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:52 +0900] "GET /phpMyAdmin2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:58 +0900] "GET /phpadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:04 +0900] "GET /phpmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:10 +0900] "GET /phpmy-admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:16 +0900] "GET /phpmya/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:22 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:28 +0900] "GET /phpmyadmin1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:34 +0900] "GET /phpmyadmin2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:40 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:46 +0900] "GET /pma2005/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:52 +0900] "GET /roundcube/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:58 +0900] "GET /scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:04 +0900] "GET /sl2/data/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:10 +0900] "GET /sqladmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:16 +0900] "GET /sqlmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:22 +0900] "GET /sqlweb/scripts/setup.php HTTP/1.1" 404 REF:-

36 :
89.149.242.190 [22/Feb/2011:02:54:28 +0900] "GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:34 +0900] "GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:40 +0900] "GET /web/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:46 +0900] "GET /webadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:50 +0900] "GET /webdb/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:50 +0900] "GET /websql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:56 +0900] "GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:02 +0900] "GET /~/PMA/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:08 +0900] "GET /~/admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:14 +0900] "GET /~/myadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:20 +0900] "GET /~/phpadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:26 +0900] "GET /~/phpmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:32 +0900] "GET /~/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:38 +0900] "GET :2086/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 400 REF:-
89.149.242.190 [22/Feb/2011:02:55:44 +0900] "GET :2087/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 400 REF:-
89.149.242.190 [22/Feb/2011:02:55:50 +0900] "GET :81/phpmyadmin/scripts/setup.php HTTP/1.1" 400 REF:-
アタックなんて映画の中だけの話だと思ってました

37 :
ついでにユーザエージェント
UA:ZmEu

38 :
phpmyadminが大好きなんだろうな
i125-202-167-50.s10.a029.ap.plala.or.jp

39 :
89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:58 +0900] "GET //admin/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //dbadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:00 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //phpadmin/ HTTP/1.1" 403 211 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:02 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //phpdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //db/ HTTP/1.1" 403 205 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:04 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //SQL/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //padmin/ HTTP/1.1" 403 209 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:06 +0900] "GET //pmadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:07 +0900] "GET //webdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
既出かな?

40 :
既出っていうか、もう手当たり次第って感じだな
でも、うちには何週間か来てない

41 :
pma関係は来るときはドカッとくる

42 :
::1 - - [25/Feb/2011:04:07:33 +0900] "OPTIONS * HTTP/1.0" 200 - "-" "Apache (internal dummy connection)"
手前は節穴か

43 :
77.222.43.19 - - [25/Feb/2011:22:57:37 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //MyAdmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:41 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:44 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:45 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
mod_geoipで弾いてるから実害無いが また来てやがる

44 :
//っていうのがうざいよね。
馬鹿なのって思うわ。

45 :
いや、馬鹿なんでしょ。

46 :
195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin/scripts/setup.php HTTP/1.1 404 226
195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin1/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:38:53 +0900] GET //phpMyAdmin-2/scripts/setup.php HTTP/1.1 404 228
195.7.10.56 [26/Feb/2011:13:38:54 +0900] GET //phpadmin/scripts/setup.php HTTP/1.1 404 224
195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin/scripts/setup.php HTTP/1.1 404 226
195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin.old/scripts/setup.php HTTP/1.1 404 230
195.7.10.56 [26/Feb/2011:13:38:56 +0900] GET //old.phpmyadmin/scripts/setup.php HTTP/1.1 404 230
195.7.10.56 [26/Feb/2011:13:38:57 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin-2/scripts/setup.php HTTP/1.1 404 228
195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:38:59 +0900] GET //phpmyadmin2/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:39:00 +0900] GET //pma/scripts/setup.php HTTP/1.1 404 219
とか
46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //lists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 219
46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //newsletter/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 224
46.4.50.141 [27/Feb/2011:03:17:48 +0900] GET //news/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 218
46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phplist/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221
46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phpList/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221
46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 213
46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //phplist/lsts/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 226
46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //phplists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 222
46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //list/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 212
のが
1日1回くらい記録されているかなぁ。
SSHDにもやってくる。
reverse mapping checking getaddrinfo for 122.3.134.131.pldt.net [122.3.134.131]
failed - POSSIBLE BREAK-IN ATTEMPT! : 202 time(s)
reverse mapping checking getaddrinfo for 178-162-164-39.local [178.162.164.39]
failed - POSSIBLE BREAK-IN ATTEMPT! : 55 time(s)
Address 64.235.57.228 maps to lasvegas-nv-datacenter.com, but this does not map
back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)

47 :
>>46
これうちにも来てる

48 :
# ping localhost
# rm -rf /

49 :
メールサーバへの攻撃 113.244.196.159
1日1万通以上はじいてるのに懲りないww

50 :
193.252.15.94
lputeaux-151-43-28-94.w193-252.abo.wanadoo.fr
89.2.94.115
ip-115.net-89-2-94.rev.numericable.fr

51 :
162.78.3.110.ap.yournet.ne.jpなんやて

52 :
74.3.202.84 - - [20/Mar/2011:08:01:18 +0900] "HEAD /phpmyadmintting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //phpMyAdmin/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //admin/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //mysql/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //phpmyadmin2/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:20 +0900] "HEAD /epgrec/envSetting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
PMANと結婚しろ

53 :
昨夜21時過ぎからSMTP鯖へ2~3秒毎に延々アタック
> "2011-04-04 21:15:49","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:51","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:53","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:55","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:57","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:00","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:02","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:04","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:06","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:08","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:10","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:12","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:14","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:16","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:18","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
以下略

54 :
なんか見慣れないものがあった
> 2011/04/10,07:49:13,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/","","1.1",200,8097
> 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077

55 :
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077

56 :
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077

57 :
49.212.19.24
www1230ub.sakura.ne.jp
49.212.21.126
www1102ud.sakura.ne.jp

58 :
41.89.28.4 - - [30/Apr/2011:14:35:13 +0900] "GET /webdav/test HTTP/1.1" 404 289 "-" "-"
217.243.187.36 - - [30/Apr/2011:23:45:49 +0900] "GET /webdav/test HTTP/1.1" 404 289 "-" "-"
81.201.60.163 - - [02/May/2011:05:29:09 +0900] "GET /sd/1M HTTP/1.1" 404 280 "-" "-"
195.246.217.24 - - [03/May/2011:07:51:26 +0900] "GET /user/soapCaller.bs HTTP/1.1" 404 296 "-" "Morfeus Fucking Scanner"

59 :
123.30.109.21 - - [04/May/2011:17:00:57 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:00:57 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:00:58 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:01:06 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:01:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:01:07 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu"

60 :
46.28.109.24 [2011.4/03-12:12:23 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:23 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:29 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:24 +0900] "GET //admin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:35 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:41 +0900] "GET //mysql/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:47 +0900] "GET //mysqladmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:53 +0900] "GET //phpadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:59 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:05 +0900] "GET //phpdb/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:11 +0900] "GET //db/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:17 +0900] "GET //mysqladmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:23 +0900] "GET //SQL/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:29 +0900] "GET //padmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:35 +0900] "GET //pmadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:41 +0900] "GET //webdb/ HTTP/1.1" 404 REF:-

61 :
113.140.75.222 [2011.4/03-19:45:58 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:45:59 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:00 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:05 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:11 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:17 +0900] "GET //phppgadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:23 +0900] "GET //PMA/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:29 +0900] "GET //admin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:35 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:55:54 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:55:54 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:55:55 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:56:01 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:56:07 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:56:13 +0900] "GET //mysql/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:03 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:04 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:05 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:10 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:16 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:22 +0900] "GET //phppgadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:28 +0900] "GET //PMA/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:34 +0900] "GET //admin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:41 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/20-13:22:53 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/20-13:22:52 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/30-00:16:47 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
123.30.109.21 [2011.4/30-00:16:48 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/30-00:16:48 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:05 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:05 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
113.57.252.72 [2011.5/04-11:08:06 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:12 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-

62 :
phpadminの何を狙ってるんだろう?

63 :
phpMyAdminのsetup.phpのセキュリティホールで任意のコマンドが実行できるらしい
http://www.nttdata-sec.co.jp/article/vulner/pdf/report20090615.pdf

64 :
http://metalgeargadaisuki.blog6.fc2.com/

65 :
googlebotから謎のアクセス
なんだこれ。。。
66.249.69.28 - - [05/May/2011:20:52:21 +0900] "GET /upload/viewer_board/wdviewer.exe HTTP/1.1" 404 315 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.69.28 - - [05/May/2011:20:52:24 +0900] "GET /upload/viewer_board/HwpViewer2007.exe HTTP/1.1" 404 320 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.67.73 - - [05/May/2011:20:52:24 +0900] "GET /upload/viewer_board/AdbeRdr70_kor_full.exe HTTP/1.1" 404 325 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.69.28 - - [05/May/2011:20:52:25 +0900] "GET /upload/viewer_board/Hunv2k.exe HTTP/1.1" 404 313 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"

66 :
GooglebotってそんなUAだったか?

67 :
そうだよ

68 :
1年前に削除したKENTWEBのcgiに向かって、今でも毎日数十アクセスある。
apacheのアクセスログもエラーログも、404やら、File does not existのエラーメッセージでいっぱいwww
IP分散SEOの業者だと思うが、IPをランダム変化させながら広告を発射してくるので、iptablesに都度登録するスクリプトいれても
全くもってリソースの無駄。指定したアドレス(削除されたcgi)にアクセスしたIPはDROPするよう自動登録してるが、もう9000件を超えて
iptablesに食わせる、こっちのメモリリソースが無駄な気がしてきた。
最近のご丁寧に、リファラも指定して打ち込んでくるようになった。すぞwwwwww
http://link.iclub.to/0791597/
http://link.iclub.to/0933/
http://link.iclub.to/13571357/
http://link.iclub.to/nasato/
http://link.iclub.to/neko38/
http://link2.iclub.to/0762609/
http://link3.iclub.to/2264770/
http://link3.iclub.to/2889785/
http://link3.iclub.to/36912/
http://link4.iclub.to/kabu/
http://link6.iclub.to/uru80ta/

69 :
113.33.224.197
ftpアタきたんだけど、リモートデスクトップ開放してるが大丈夫なのかこれ

70 :
208.51.40.50
ずーとポートスキャンしてきてた
このIPアドレスを調べたら中国の新聞(?)サイトらしき所に行き着いたけれど、クラックでもされてるんかな

71 :
85.25.131.109 - - [16/Jun/2011:03:21:39 +0900] "GET /admin/Y-ivrrecording.php?php=info&ip=uname HTTP/1.1" 404 385 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9) Gecko/2008052906 Firefox/3.0"
最近、3日おきぐらいにY-ivrrecording.phpへのアクセスしてくるようになった
そんなファイル置いてないけど

72 :
今こいつが来とる
66.241.100.228
内容は>>61と同じ

73 :
182.164.91.73

74 :
新たなインジェクション攻撃、すでに3万サイトが感染か
http://hibari.2ch.net/test/read.cgi/pcnews/1308317712/

75 :
219.135.253.80(80.253.135.219.broad.gz.gd.dynamic.163data.com.cn)
中国から
FTPにAdministratorでログインしようとしてた

76 :
114.173.176.253 p17253-ipngn100102okayamaima.okayama.ocn.ne.jp
114.174.207.4 p12004-ipngn100105osakakita.osaka.ocn.ne.jp
114.174.253.34 p14034-ipngn100108osakakita.osaka.ocn.ne.jp
114.173.15.191 p12191-ipngn100403kobeminato.hyogo.ocn.ne.jp
114.173.137.79 p18079-ipngn100204niho.hiroshima.ocn.ne.jp
1日20〜30回TCP445への接続を試みてくる
そろそろうざい

77 :
一日50〜120くらいftpにattackくるな
swatchで叩き落としてるが

78 :
次スレのスレタイはこうなるの?
アタックNo2してきたIPを晒すスレ

79 :
アタックチャンス

80 :
適当なところが見つからなかったんで。最近になって、
125.175.54.138 - - [15/Jul/2011:03:32:55 +0900] "GET /you/new.htm HTTP/1.1" 200 55472 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
125.175.54.138 - - [15/Jul/2011:03:32:56 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:32:56 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:35:02 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:35:03 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:35:03 +0900] ↑
・・・以下延々と続く・・・
というログが目に付くようになった。ソースIPは日本国内。
アクセス先のURLは正しいURLなんだが、中に張ってある画像へのアクセスはなく、
このページだけ何度もアクセスしてくる。refererもなし。
特徴として、必ず3回ひとまとめでアクセスがあって、
その後100秒〜200秒して次のアクセスがある。
・・・なんだろう? これ。

81 :
31.25.136.18 - - [21/Jun/2011:19:48:48 +0900] "GET /admin/Y-ivrrecording.php?php=info&ip=uname HTTP/1.1" 403 1506
193.227.186.153 - - [21/Jun/2011:14:05:16 +0900] "GET /admin/config.php HTTP/1.1" 403 1506
この2つのPHPに最近よくアクセスくるな。
置いてないのに。
JPまたは逆引き出来ないHOSTからは弾いてるんだけど、404返したほうがいいのかな

82 :
>>80
URLから察するに、何かの更新情報とかを書いてるページ?
だとしたらスクレイピング目的のアクセスだと思う
実際どんなページなのかわからんから憶測だけど、たぶん悪意はないと思うよ
>>81
その手のはbotだから404返したところで無意味

83 :
>>82
更新情報と、あとリンク集のページにも似たようなアクセスがある。
意外に、referer spamばら撒くプログラムが動いてるけど、
セキュリティソフトがreferer止めてるとか・・・。
でもreferer spamはもうちょっと挙動が違うんだよな。

84 :
リファラスパムにしては間隔がきっちりしすぎてると思う…
試しにHTMLの構造変えて様子見してみ
それでペースが崩れたり人の手でアクセスしてくるような痕跡があるかどうか

85 :
68.169.42.240 - - [30/Jul/2011:23:34:52 +0900] "GET //scripts/setup.php HTTP/1.1" 404 215 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:52 +0900] "GET //admin/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //admin/pma/scripts/setup.php HTTP/1.1" 404 225 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //db/scripts/setup.php HTTP/1.1" 404 218 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //dbadmin/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //mysql/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //phpadmin/scripts/setup.php HTTP/1.1" 404 224 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin1/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin2/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //pma/scripts/setup.php HTTP/1.1" 404 219 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 230 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //web/scripts/setup.php HTTP/1.1" 404 219 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //php-my-admin/scripts/setup.php HTTP/1.1" 404 228 "-" "-"

86 :
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //websql/scripts/setup.php HTTP/1.1" 404 222 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //php-my-admin/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 239 "-" "-"

87 :
68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"

88 :
68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"

89 :
68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.8.2.3/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.8.2.4/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.10.0.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.10.0.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.0.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.1.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.2.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.0.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.1.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.1.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.1.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"

90 :
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.3.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.4.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.5.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.5.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.5.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.6.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.7.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.7.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.8.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.9.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.3/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-2.11.9.4/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.0.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.1.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.1.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.0.2.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"

91 :
68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.1.0.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.1.1.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-3.1.2.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-3.1.3.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-2.9.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //phpMyAdmin-2.9.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //sqlmanager/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //mysqlmanager/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //p/m/a/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //PMA2005/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //pma2005/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //pma2006/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2007/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2008/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2009/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //phpmanager/scripts/setup.php HTTP/1.1" 404 226 "-" "-"

92 :
68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //php-myadmin/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //phpmy-admin/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //webadmin/scripts/setup.php HTTP/1.1" 404 224 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //sqlweb/scripts/setup.php HTTP/1.1" 404 222 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //websql/scripts/setup.php HTTP/1.1" 404 222 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //webdb/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //mysql-admin/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //databaseadmin/scripts/setup.php HTTP/1.1" 404 229 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:37 +0900] "GET //admm/scripts/setup.php HTTP/1.1" 404 220 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:37 +0900] "GET //admn/scripts/setup.php HTTP/1.1" 404 220 "-" "-"
歴代PHPMyAdmin探してるっぽい

93 :
>>92
おまえ、気持ち悪い

94 :
意味不明ワロチ

95 :
>>93
お前馬鹿かスレタイ100回音読しろ
>>85-92は文字量は多いが
アタックのやってきた様子もよくわかる。だから価値アリで問題なし。
     ∩___∩   \ヽ
     | ノ     ヽ   \ \ヽ
     /  ●   ● |    ヽ ヽ \
    |    ( _●_)  ミ    i l  ヽ
   彡、   |∪|   ノ    i l  l i
   / _  ヽノ   )    l i  | l
  (___)     / /    ,,-----、
          / /    |;::::  ::::|
       ⊂二(⌒ )二二二|;::::  ::::|⊃ /', ', ¨
           ̄  ヽ∴。|;::::',ヾ,::::| /。・,/∴
              -:'ヾ|!|!!,i,,!ii,!l,・∵,・、
                 >>93

96 :
phpMyAdminアタックが多いわ

97 :
外からのアタックではないんだが・・・BINDのスレはあるけど、
DNS全般のスレはなさそうだったので(なくなっちゃった?)。
構内のPCがDNSキャッシュに対して、
ランダム文字列.DHCPの返したドメイン
というクエリを3回続けて出してるログが・・・。
1日数回やらかすこともあれば、やらかなさない日もある。
何がトリガになっているのかも分からない。
もちろんNXDOMAINが返るんだが、カミンスキーでもなさそうだし。
今のところ実害はないけど、なんかちょっと気持ち悪い。
何かご存知の方、いらっしゃいます?

98 :
おまえ宇宙人だろ、地球の言葉で書け

99 :
おまえ地球人だろ、宇宙人の言葉で書け

100read 1read
1read 100read
TOP カテ一覧 スレ一覧 2ch元 削除依頼