Últimamente estoy recibiendo ataque del demonio rumano ZmEu... 168.61.17.198 - - [29/Oct/2012:00:14:00 -0300] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 489 "-" "ZmEu" 168.61.17.198 - - [29/Oct/2012:00:14:00 -0300] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 479 "-" "ZmEu" 168.61.17.198 - - [29/Oct/2012:00:14:01 -0300] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 478 "-" "ZmEu" 168.61.17.198 - - [29/Oct/2012:00:14:01 -0300] "GET /pma/scripts/setup.php HTTP/1.1" 404 474 "-" "ZmEu"
Que desconozco el objetivo de este webbot... lo que he encontrado curioso es donde esta alojado... dig -x 168.61.17.198 ; <<>> DiG 9.7.3 <<>> -x 168.61.17.198 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41671 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;198.17.61.168.in-addr.arpa.INPTR ;; AUTHORITY SECTION: 61.168.in-addr.arpa.1241INSOAns1.msft.net. msnhst.microsoft.com. 2012102501 1800 900 7200000 3600 y por la geolocalización esta ubicado en: Marina del Rey, California, EEUU... _______________________________________________ Lugro mailing list [email protected] http://lugro.org.ar/mailman/listinfo/lugro
