#author("2017-01-11T01:39:56+09:00","Group2","Group2")

   

phpMyAdmin?への攻撃がありました。以下ログはphpMyAdmin?の脆弱性を狙いに来ているアクセスログです。

「対処方法」

・.htaccessファイル等でBASIC認証をphpMyAdmin?にかけ、アクセスできるところを限定する。

・phpMyAdmin?のファイル名をユニークな推測されないものへ変更する方法。

・出来る限りphpMyAdmin?をインストールしない。

・カーネルのバージョンをあたらしいものへ変更する(root権限)を乗っ取られるのを防止するため。

・phpMyAdmin? - 2.11.9.5もしくは、phpMyAdmin? 3.1.31の最新版のものを利用する。

・config/config.inc.phpを有無を確認し、存在する場合は削除する。

一部引用。 http://www.nttdata-sec.co.jp/article/vulner/pdf/report20090615.pdf


対象のアクセスログ

58.242.3.10 - - [30/Jul/2010:23:37:17 +0900] "GET /phpMyAdmin-2.11.1/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#ea72e1bc]
58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.10/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#o05eb171]
58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.2/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#zbb2b852]
58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.3/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#o350a67f]
58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.4/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#eb18aa02]
58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.5/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#hbe9c437]
58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.6/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#v22428c2]
58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.7/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#ta95833e]
58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.11.8/scripts/setup.php HTTP/1.1" 404 202 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#z43a73db]
58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.11.9/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#c64d3b00]
58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#zf92ef78]
58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#u4960b9c]
58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.3.0/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#ld7fbeb8]
58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.3.1/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#b8aeb09a]
58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.3.2/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#d0b87553]
58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.3/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#ee8b3259]
58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.4/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#c195c9b5]
58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.5/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#c0786fca]
58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.6/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#c0588bf0]
58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.7/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6" [#l3c02589]


トップ   編集 凍結解除 差分 バックアップ 添付 複製 名前変更 リロード   新規 一覧 単語検索 最終更新   ヘルプ   最終更新のRSS
Last-modified: 2017-01-11 (水) 01:39:56 (138d)