My website has only been running from my own server (more on that soon!) for a few days but I”m already seeing hacking attempts. Gah!
One such attempt by someone who calls themself ZmEu goes as such:
{.js name="code"}
216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 345 "-" "ZmEu"
216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"
216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"
216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /pma/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"
216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:53 +0000] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"
216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:53 +0000] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"
Obviously I”m not stupid enough to have phpmyadmin running but still, what does this guy want with my measly website?!?!
I decided to take a quick look at mr ZmEu”s IP (presuming the he is making these requests from his own IP address). It seems pretty fruitful:
Scanning ports on 216.234.117.7
216.234.117.7 is responding on port 21 (ftp).> 216.234.117.7 isn”t responding on port 23 (telnet).> 216.234.117.7 is responding on port 25 (smtp).> 216.234.117.7 is responding on port 80 (http).> 216.234.117.7 is responding on port 110 (pop3).> 216.234.117.7 isn”t responding on port 139 (netbios-ssn).> 216.234.117.7 isn”t responding on port 445 (microsoft-ds).> 216.234.117.7 isn”t responding on port 1433 (ms-sql-s).> 216.234.117.7 isn”t responding on port 1521 (ncube-lm).> 216.234.117.7 isn”t responding on port 1723 (pptp).> 216.234.117.7 is responding on port 3306 (mysql).> 216.234.117.7 isn”t responding on port 3389 (ms-wbt-server).> 216.234.117.7 isn”t responding on port 5900 ().> 216.234.117.7 isn”t responding on port 8080 (webcache). I am not going to try and counter attack this guy, in case he turns out to be some potato eating, vodka swigging mafioso from russia but I am still frustrated!
Matt