unwanted access
Me - Atlantic
jdangler at atlantic.net
Thu Apr 27 07:47:15 UTC 2006
I just finished setting up Ubuntu server, and started browsing through
logs, etc to get the feel of the system, and I found this in
apache/access.log ...
212.122.62.25 - - [25/Apr/2006:08:37:50 -0400]
"GET /blog/xmlsrv/xmlrpc.php HTTP/1.0" 404 1085 "-" "-"
212.122.62.25 - - [25/Apr/2006:08:37:50 -0400]
"GET /blogtest/xmlsrv/xmlrpc.php HTTP/1.0" 404 1085 "-" "-"
212.122.62.25 - - [25/Apr/2006:08:37:51 -0400]
"GET /b2/xmlsrv/xmlrpc.php HTTP/1.0" 404 1085 "-" "-"
64.242.88.60 - - [25/Apr/2006:09:50:50 -0400]
"GET /checkout_shipping.php HTTP/1.1" 404 1081 "-" "Mozilla/4.0
compatible ZyBorg/1.0 (wn-14.zyborg at looksmart.net;
http://www.WISEnutbot.com)"
64.242.88.60 - - [25/Apr/2006:09:51:59 -0400]
"GET /index.php?cPath=37&osCsid=b3fc6ba1a56a13d818a3fdf3cdda69a7
HTTP/1.1" 404 1081 "-" "Mozilla/4.0 compatible ZyBorg/1.0
(wn-14.zyborg at looksmart.net; http://www.WISEnutbot.com)"
38.118.25.60 - - [26/Apr/2006:06:33:07 -0400] "GET / HTTP/1.1" 200 1457
"-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows XP)"
38.118.25.60 - - [26/Apr/2006:06:34:06 -0400] "GET /manual/ HTTP/1.1"
404 1224 "http://www.mgjventures.com/" "Mozilla/4.0 (compatible; MSIE
6.0; Windows XP)"
202.108.22.191 - - [26/Apr/2006:12:08:14 -0400]
"HEAD /images/Hex/HEX_Classic.jpg HTTP/1.0" 404 - "-" "-"
141.85.99.187 - - [26/Apr/2006:13:12:42 -0400] "GET /sumthin HTTP/1.0"
404 1085 "-" "-"
67.15.35.88 - - [26/Apr/2006:17:56:19 -0400] "GET / HTTP/1.1" 200 1457
"-" "HTTP/1.0"
I'm sure this isn't me (the server has only been up for about a couple
of hours!)... How can I start prevent these ? I'm not sure that I
should just block them altogether, since there will be public web sites
on this box...
More information about the ubuntu-users
mailing list