So I have this nice, simple web server up running. Its purpose is to
allow me external testing with HIP, and to provide some files for
external distribution. Of course, there it is sitting on port 80 and
the attacks are coming in per logwatch report. Examples from the report
include:
Requests with error response codes
404 Not Found
//phpMyAdmin-2.5.1/scripts/setup.php: 1 Time(s)
//phpMyAdmin-2.5.4/scripts/setup.php: 1 Time(s)
//phpMyAdmin-2.5.5-pl1/scripts/setup.php: 1 Time(s)
//phpMyAdmin-2.5.5-rc1/scripts/setup.php: 1 Time(s)
//phpMyAdmin-2.5.5-rc2/scripts/setup.php: 1 Time(s)
/muieblackcat: 1 Time(s)
/myadmin/scripts/setup.php: 2 Time(s)
/mysql-admin/scripts/setup.php: 1 Time(s)
/mysql/scripts/setup.php: 1 Time(s)
/mysqladmin/scripts/setup.php: 2 Time(s)
/mysqlmanager/scripts/setup.php: 1 Time(s)
Now these are only a few, though I am probably not being hit as hard as
others out there.
My question is:
Is there a way to shut this nonsense down? Or because I am sending the
404, I am doing all that is reasonable to do?
I am wondering that if this list starts getting long, that is a lot of
logging and I probably don't need to log 404s?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
