My website has only been running from my own server (more on that soon!) for a few days but I”m already seeing hacking attempts. Gah!

One such attempt by someone who calls themself ZmEu goes as such:

{.js name="code"} 216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 345 "-" "ZmEu" 216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu" 216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu" 216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:52 +0000] "GET /pma/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu" 216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:53 +0000] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu" 216.234.117.7 80.228.163.29 - [16/Jan/2011:20:38:53 +0000] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 345 "-" "ZmEu"

Obviously I”m not stupid enough to have phpmyadmin running but still, what does this guy want with my measly website?!?!

I decided to take a quick look at mr ZmEu”s IP (presuming the he is making these requests from his own IP address). It seems pretty fruitful:

Scanning ports on 216.234.117.7

216.234.117.7 is responding on port 21 (ftp).> 216.234.117.7 isn”t responding on port 23 (telnet).> 216.234.117.7 is responding on port 25 (smtp).> 216.234.117.7 is responding on port 80 (http).> 216.234.117.7 is responding on port 110 (pop3).> 216.234.117.7 isn”t responding on port 139 (netbios-ssn).> 216.234.117.7 isn”t responding on port 445 (microsoft-ds).> 216.234.117.7 isn”t responding on port 1433 (ms-sql-s).> 216.234.117.7 isn”t responding on port 1521 (ncube-lm).> 216.234.117.7 isn”t responding on port 1723 (pptp).> 216.234.117.7 is responding on port 3306 (mysql).> 216.234.117.7 isn”t responding on port 3389 (ms-wbt-server).> 216.234.117.7 isn”t responding on port 5900 ().> 216.234.117.7 isn”t responding on port 8080 (webcache). I am not going to try and counter attack this guy, in case he turns out to be some potato eating, vodka swigging mafioso from russia but I am still frustrated!

Matt

 

Matt Reid

Lead Software Architect. Java/Node enthusiast, badminton lover, foodie.

drei01 Matthew_Reid


Published