[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
HI all hope you all had a good Bank hols, Now I have the router open to the Internet.... what dynamic firewall rules sw would you recommend to stop these sort of attempts 00.206.117.22 - - [29/Aug/2011:12:48:42 +0100] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 488 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:43 +0100] "GET /3rdparty/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 483 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:43 +0100] "GET /admin/mysql/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:44 +0100] "GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:45 +0100] "GET /admin/pma/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:45 +0100] "GET /_admin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:46 +0100] "GET /admin/scripts/setup.php HTTP/1.1" 404 474 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:47 +0100] "GET admin/scripts/setup.php HTTP/1.1" 400 472 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:47 +0100] "GET /admm/scripts/setup.php HTTP/1.1" 404 473 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:48 +0100] "GET /admn/scripts/setup.php HTTP/1.1" 404 473 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:48 +0100] "GET /backup/phpmyadmin/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:49 +0100] "GET /backup/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 482 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:53 +0100] "GET /bkup/phpmyadmin/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:53 +0100] "GET /bkup/phpMyAdmin/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:54 +0100] "GET /cpadmindb/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:54 +0100] "GET /cpadmin/scripts/setup.php HTTP/1.1" 404 475 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:56 +0100] "GET /cpanelmysql/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:56 +0100] "GET /cpanelphpmyadmin/scripts/setup.php HTTP/1.1" 404 481 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:57 +0100] "GET /cpanelsql/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:58 +0100] "GET /cpdbadmin/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:58 +0100] "GET /cpphpmyadmin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:59 +0100] "GET /databaseadmin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:48:59 +0100] "GET /dbadmin/scripts/setup.php HTTP/1.1" 404 475 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:00 +0100] "GET /db/scripts/setup.php HTTP/1.1" 404 471 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:01 +0100] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:01 +0100] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 476 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:02 +0100] "GET /mysqladminconfig/scripts/setup.php HTTP/1.1" 404 483 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:03 +0100] "GET /mysql-admin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:03 +0100] "GET /mysqladmin/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:05 +0100] "GET /MySQLAdmin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:05 +0100] "GET /mysqlmanager/scripts/setup.php HTTP/1.1" 404 480 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:06 +0100] "GET /mysql/scripts/setup.php HTTP/1.1" 404 475 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:06 +0100] "GET /phpadmin/scripts/setup.php HTTP/1.1" 404 475 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:07 +0100] "GET /phpmanager/scripts/setup.php HTTP/1.1" 404 477 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:08 +0100] "GET /phpm/scripts/setup.php HTTP/1.1" 404 473 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:08 +0100] "GET /phpmyadmin1/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu" 200.206.117.22 - - [29/Aug/2011:12:49:09 +0100] "GET /phpMyAdmin1/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" Obvoiusly 200.206.117.22 is now blocked, but can I have something which looks at the 404, or wherever 479 is and say "no page found" so they are opportunist hackers and we will block them. -- ________________________________________________________________________ Regards Kevin Lucas Minions Post Master(Sub) sip:kevin.lucas@xxxxxxxxx www.minionsbandb.co.uk www.tearooms.minionsbandb.co.uk FaceBook Minions_shop Po House, Minions, Liskeard Cornwall PL14 5LE 01579363386 -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq