Connexion
Inscription
Aide
Posté 08 novembre 2006 - 15:25
j'ai un serveur sur lequel je fais tout mes tests divers et varies pour lequel je n'apporte aucune importance en terme de securite.
Interessé par la fonction proxy d'apache, je m'etais il y a quelques temps cree un virtualhost permettant de proxyser un acces sur un site web.
Depuis hier, je m'appercois que certains petits malins utilisent egalement le proxy... à mes depends
C'est tres interessant de voir le resultat des logs Apache:
207.44.158.30 - - [05/Nov/2006:06:26:59 +0100] "GET http://www.afcyhf.com/image-2024614-10371794 HTTP/1.1" 302 78 "http://infohelpauction.com/index.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)" 207.44.158.30 - - [05/Nov/2006:06:27:00 +0100] "GET http://www.yceml.net/0722/10371794-4.gif HTTP/1.1" 206 300 "http://infohelpauction.com/index.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)" 66.79.189.10 - - [05/Nov/2006:06:27:04 +0100] "POST http://219.133.51.184/login HTTP/1.1" 200 260 "http://qqshow.qq.com/inc/i_l.shtml" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 66.79.189.8 - - [05/Nov/2006:06:27:14 +0100] "POST http://219.133.40.148/login HTTP/1.1" 200 260 "http://qqshow.qq.com/inc/i_l.shtml" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 66.79.189.15 - - [05/Nov/2006:06:27:30 +0100] "GET http://verify.qq.com/getimage?0.31464583269753875 HTTP/1.1" 200 644 "http://qqshow.qq.com/inc/i_l.shtml" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
Ayant vu cela, j'ai donc desactive le mod_proxy... et voila ce que j'ai dans mon error.log:
[Wed Nov 08 15:16:00 2006] [error] [client 211.167.68.253] File does not exist: /var/www/imp, referer: http://www.divernet.com/index.html [Wed Nov 08 15:16:01 2006] [error] [client 211.198.225.6] File does not exist: /var/www/imp, referer: http://www.lilgames.com/index.html [Wed Nov 08 15:16:01 2006] [error] [client 125.240.162.70] File does not exist: /var/www/imp, referer: http%3A%2F%2Fwww.bbwq.com%2Findex.html [Wed Nov 08 15:16:02 2006] [error] [client 218.56.98.30] File does not exist: /var/www/imp, referer: http://www.fishingworld.com/index.html [Wed Nov 08 15:16:02 2006] [error] [client 60.194.208.119] File does not exist: /var/www/imp, referer: http://www.fishingworld.com/index.html [client 125.114.145.150] script '/var/www/prx.php' not found or unable to stat
et dans mon access.log:
61.41.138.131 - - [08/Nov/2006:15:17:01 +0100] "GET http://ad.marketingsector.com/imp?z=0&s=26325&u=http%3A%2F%2Fwww.bbwq.com%2Findex.html& r=1&y=28 HTTP/1.1" 404 201 "http%3A%2F%2Fwww.bbwq.com%2Findex.html" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)" 218.56.98.30 - - [08/Nov/2006:15:17:01 +0100] "GET http://ad.marketingsector.com/imp?z=0&s=67598&u=http%3A%2F%2Fwww.divernet.com%2Findex.html& r=1&y=30 HTTP/1.1" 404 201 "http://www.divernet.com/index.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 2.0.40" 211.174.49.138 - - [08/Nov/2006:15:17:01 +0100] "GET http://ad.marketingsector.com/imp?z=0&Z=0x0&s=25422&y=30 HTTP/1.1" 404 201 "http%3A%2F%2Fwww.wawr.com%2Findex.html" "Mozilla/4.0 (compatible; MSIE 4.5; Mac_PowerPC)" 125.242.206.132 - - [08/Nov/2006:15:17:02 +0100] "GET http://ad.marketingsector.com/imp?z=0&Z=0x0&s=25325&y=30 HTTP/1.1" 404 201 "http%3A%2F%2Fwww.onlineshoppingchoice.com%2Findex.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 2.0.40" 211.196.52.197 - - [08/Nov/2006:15:17:02 +0100] "GET http://ad.marketingsector.com/imp?z=0&s=96607&u=http%3A%2F%2Fwww.omgn.com%2Findex.html& r=1&y=30 HTTP/1.1" 404 201 "http://www.omgn.com/index.html" "Mozilla/4.0 (compatible; MSIE 4.5; Mac_PowerPC)"
Voyant toujours le vilain http:// ad.marketingsector.com,
je rajoute ca dans mon apache
Redirect permanent /imp http://ad.marketingsector.com
Qu'en pensez-vous ?
Avez vous une explication ou experience similaire?
Ce message a été modifié par glibre : 08 novembre 2006 - 15:26
Haut
Citer
