[Wien] [ff] Re: (security tipp) phpMyAdmin
Felix Ehritz
(spam-protected)
Mo Sep 13 19:18:23 CEST 2010
ich beobachte ähnliches.
wohl bemerkt, ich habe auf meinem server kein phpmyadmin:
(und den server hab ich gestern (sonntag) neu aufgesetzt
access.log (auszug)
78.41.112.82 - - [13/Sep/2010:14:18:42 +0200] "GET /scripts/setup.php
HTTP/1.1" 404 469 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:42 +0200] "GET /admin/scripts/setup.php
HTTP/1.1" 401 632 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:42 +0200] "GET
/admin/pma/scripts/setup.php HTTP/1.1" 401 632 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:42 +0200] "GET
/admin/phpmyadmin/scripts/setup.php HTTP/1.1" 401 632 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:42 +0200] "GET /db/scripts/setup.php
HTTP/1.1" 404 471 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:42 +0200] "GET
/dbadmin/scripts/setup.php HTTP/1.1" 404 474 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:42 +0200] "GET
/myadmin/scripts/setup.php HTTP/1.1" 404 474 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:43 +0200] "GET /mysql/scripts/setup.php
HTTP/1.1" 404 473 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:43 +0200] "GET
/mysqladmin/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:43 +0200] "GET
/typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:43 +0200] "GET
/phpadmin/scripts/setup.php HTTP/1.1" 404 475 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:43 +0200] "GET
/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET
/phpmyadmin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET
/phpmyadmin1/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET
/phpmyadmin2/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET /pma/scripts/setup.php
HTTP/1.1" 404 472 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET
/web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET
/xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET /web/scripts/setup.php
HTTP/1.1" 404 472 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:44 +0200] "GET
/php-my-admin/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET /websql/scripts/setup.php
HTTP/1.1" 404 473 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET
/phpmyadmin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET
/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET
/phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET
/php-my-admin/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET
/phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET
/phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:45 +0200] "GET
/phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 487 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 488 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:46 +0200] "GET
/phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 487 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 487 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
127.0.0.1 - - [13/Sep/2010:14:18:47 +0200] "OPTIONS * HTTP/1.0" 200 152 "-"
"Apache/2.2.14 (Ubuntu) (internal dummy connection)"
78.41.112.82 - - [13/Sep/2010:14:18:47 +0200] "GET
/phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 487 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 485 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:48 +0200] "GET
/phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
127.0.0.1 - - [13/Sep/2010:14:18:48 +0200] "OPTIONS * HTTP/1.0" 200 152 "-"
"Apache/2.2.14 (Ubuntu) (internal dummy connection)"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 487 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 484 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 486 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 483 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 483 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:49 +0200] "GET
/phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 483 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/sqlmanager/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/mysqlmanager/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET /p/m/a/scripts/setup.php
HTTP/1.1" 404 472 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/PMA2005/scripts/setup.php HTTP/1.1" 404 474 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/pma2005/scripts/setup.php HTTP/1.1" 404 474 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/phpmanager/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/php-myadmin/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/phpmy-admin/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu"
127.0.0.1 - - [13/Sep/2010:14:18:50 +0200] "OPTIONS * HTTP/1.0" 200 152 "-"
"Apache/2.2.14 (Ubuntu) (internal dummy connection)"
78.41.112.82 - - [13/Sep/2010:14:18:50 +0200] "GET
/webadmin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:51 +0200] "GET /sqlweb/scripts/setup.php
HTTP/1.1" 404 473 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:51 +0200] "GET /websql/scripts/setup.php
HTTP/1.1" 404 473 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:51 +0200] "GET /webdb/scripts/setup.php
HTTP/1.1" 404 472 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:51 +0200] "GET
/mysqladmin/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu"
78.41.112.82 - - [13/Sep/2010:14:18:51 +0200] "GET
/mysql-admin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu"
-----Ursprüngliche Nachricht-----
Von: (spam-protected)
[mailto:(spam-protected)] Im Auftrag von Adrian D
Gesendet: Sonntag, 12. September 2010 21:40
An: (spam-protected)
Betreff: Re: [Wien] [ff] Re: (security tipp) phpMyAdmin
auf meinen servern sehe ich im moment davon recht viel:
http://linux.m2osw.com/zmeu-attack
der probiert systematisch phpmyadmin zu finden.
lg,
adrian
--
Wien mailing list
(spam-protected)
http://lists.funkfeuer.at/mailman/listinfo/wien
Mehr Informationen über die Mailingliste Wien