Bonjour,
Je viens, par hasard, de consulter mes logs apache (error.log), et voici de que j’y vois :
[Sun Nov 02 10:00:56 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/script
[Sun Nov 02 10:00:56 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/jenkins
[Sun Nov 02 10:00:57 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/login
[Sun Nov 02 10:00:57 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/jmx-console
[Sun Nov 02 10:00:57 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/manager
[Sun Nov 02 10:00:57 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/msd
[Sun Nov 02 10:00:57 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/mySqlDumper
[Sun Nov 02 10:00:57 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/msd1.24stable
[Sun Nov 02 10:00:58 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/msd1.24.4
[Sun Nov 02 10:00:58 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/mysqldumper
[Sun Nov 02 10:00:58 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/MySQLDumper
[Sun Nov 02 10:00:58 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/mysql
[Sun Nov 02 10:00:59 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/sql
[Sun Nov 02 10:01:00 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/phpMyAdmin
[Sun Nov 02 10:01:00 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/mysql
[Sun Nov 02 10:01:00 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/sql
[Sun Nov 02 10:01:00 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/myadmin
[Sun Nov 02 10:01:01 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/phpMyAdmin-4.2.1-all-languages
[Sun Nov 02 10:01:01 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/phpMyAdmin-4.2.1-english
[Sun Nov 02 10:01:01 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/sqlite
[Sun Nov 02 10:01:01 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/SQLite
[Sun Nov 02 10:01:01 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/SQLiteManager-1.2.4
[Sun Nov 02 10:01:02 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/sqlitemanager
[Sun Nov 02 10:01:02 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/SQlite
[Sun Nov 02 10:01:02 2014] [error] [client 92.222.220.41] File does not exist: /var/www/public/SQLiteManager
A savoir que ma racine web, n’est pas /var/www …
Du Coup, j’ai regardé mon access.log, et là, idem :
92.222.220.41 - - [02/Nov/2014:10:00:56 +0100] "GET / HTTP/1.1" 200 2295 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:56 +0100] "GET /script HTTP/1.1" 404 487 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:56 +0100] "GET /jenkins/script HTTP/1.1" 404 495 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:57 +0100] "GET /login HTTP/1.1" 404 486 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:57 +0100] "GET /jmx-console HTTP/1.1" 404 492 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:57 +0100] "GET /manager/html HTTP/1.1" 404 493 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:57 +0100] "GET /msd HTTP/1.1" 404 484 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:57 +0100] "GET /mySqlDumper HTTP/1.1" 404 492 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:57 +0100] "GET /msd1.24stable HTTP/1.1" 404 494 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:58 +0100] "GET /msd1.24.4 HTTP/1.1" 404 490 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:58 +0100] "GET /mysqldumper HTTP/1.1" 404 492 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:58 +0100] "GET /MySQLDumper HTTP/1.1" 404 492 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:58 +0100] "GET /mysql HTTP/1.1" 404 486 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:59 +0100] "GET /sql HTTP/1.1" 404 484 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:59 +0100] "GET /phpmyadmin HTTP/1.1" 301 577 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:00:59 +0100] "GET /phpmyadmin/ HTTP/1.1" 200 8225 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:00 +0100] "GET /phpMyAdmin HTTP/1.1" 404 491 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:00 +0100] "GET /mysql HTTP/1.1" 404 486 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:00 +0100] "GET /sql HTTP/1.1" 404 484 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:00 +0100] "GET /myadmin HTTP/1.1" 404 488 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:01 +0100] "GET /phpMyAdmin-4.2.1-all-languages HTTP/1.1" 404 511 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:01 +0100] "GET /phpMyAdmin-4.2.1-english HTTP/1.1" 404 505 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:01 +0100] "GET / HTTP/1.1" 200 2295 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:01 +0100] "GET /sqlite/main.php HTTP/1.1" 404 496 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:01 +0100] "GET /SQLite/SQLiteManager-1.2.4/main.php HTTP/1.1" 404 516 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:01 +0100] "GET /SQLiteManager-1.2.4/main.php HTTP/1.1" 404 509 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:02 +0100] "GET /sqlitemanager/main.php HTTP/1.1" 404 503 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:02 +0100] "GET /SQlite/main.php HTTP/1.1" 404 496 "-" "Python-urllib/2.7"
92.222.220.41 - - [02/Nov/2014:10:01:02 +0100] "GET /SQLiteManager/main.php HTTP/1.1" 404 503 "-" "Python-urllib/2.7"
Ai-je été attaqué ? Dois-je m’inquiéter ? Que puis-je faire ?
Merci pour votre lecture.
P.S : C’est un serveur dédié sous Debian Wheezy…