Yoni Posted January 12, 2012 Report Share Posted January 12, 2012 This is why everyone should be concerned about the web server security. There are scripts kiddies messing around all day long and trying to find vulnerabilities in your web server. [Wed Jan 11 19:48:14 2012] [error] [client 218.80.254.134] (20024)The given path is misformatted or contained invalid characters: Cannot map GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1 to file[Wed Jan 11 19:48:14 2012] [error] [client 218.80.254.134] File does not exist: D:/UniServer/www/admin[Wed Jan 11 19:48:14 2012] [error] [client 218.80.254.134] File does not exist: D:/UniServer/www/admin[Wed Jan 11 19:48:15 2012] [error] [client 218.80.254.134] File does not exist: D:/UniServer/www/admin[Wed Jan 11 23:58:20 2012] [error] [client 119.60.2.40] (20024)The given path is misformatted or contained invalid characters: Cannot map GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1 to file[Wed Jan 11 23:58:20 2012] [error] [client 119.60.2.40] File does not exist: D:/UniServer/www/phpMyAdmin[Wed Jan 11 23:58:21 2012] [error] [client 119.60.2.40] File does not exist: D:/UniServer/www/phpmyadmin[Wed Jan 11 23:58:22 2012] [error] [client 119.60.2.40] File does not exist: D:/UniServer/www/pma[Wed Jan 11 23:58:22 2012] [error] [client 119.60.2.40] File does not exist: D:/UniServer/www/myadmin[Wed Jan 11 23:58:23 2012] [error] [client 119.60.2.40] File does not exist: D:/UniServer/www/MyAdmin[Thu Jan 12 13:14:10 2012] [error] [client 173.226.105.226] File does not exist: D:/UniServer/www/vhosts[Thu Jan 12 13:14:11 2012] [error] [client 173.226.105.226] File does not exist: D:/UniServer/www/ehcp Never doubt it, even when you don't see it on a daily basis, it is happening. This is when your apache rules rule! The rest is taken care by the firewall... Quote <p class="bbc_center"><span style="font-size:12px;"><strong>Yoni</strong></span></p> Link to comment Share on other sites More sharing options...
rustyp Posted January 21, 2012 Report Share Posted January 21, 2012 So what was it they were trying to do? Quote Link to comment Share on other sites More sharing options...
Yoni Posted January 22, 2012 Author Report Share Posted January 22, 2012 So what was it they were trying to do?Most of the time you want to attack the weakest spot on a server. Hackers are smart enough to understand that your server is as secure as the weakest vulnerability they can target. They ain't doing anything in specific at that point. They are just trying to map the setup there. If they can find something like phpmyadmin, admin page of any kind or applications that are not secured by default then they already have a target. Brute forcing your admin login (or any login) against a 30GB-40GB passwords database is a good start and simple to implement. Lazy admins tend to believe that running a server is just a matter of setting it and forgetting it. They can't be farther from the truth, you should always keep your eyes in your server's logs. Once you start doing so, you actually start making your server a lot more secure by nature. I'm loving UniServer, honestly. It can't get any simpler. Quote <p class="bbc_center"><span style="font-size:12px;"><strong>Yoni</strong></span></p> Link to comment Share on other sites More sharing options...
seoinheritx Posted January 31, 2012 Report Share Posted January 31, 2012 Its really nice for the security perspective and really great to pleasure for it. Quote iPhone Application Development | Android Application Development | iPhone Apps Development Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.