Dear all,
In my server iam the below log in /var/log/messages and i doubt that some unautherized user is accessing my server and can any one give explain about the below log
/var/log/messages
Mar 29 18:21:33 p2234270 zmeu: gethostby*.getanswer: asked for "ip134.67-202-114.static.steadfast.net IN A", got type "39"
Mar 29 18:21:33 p2234270 zmeu: gethostby*.getanswer: asked for "ip52.67-202-124.static.steadfast.net IN A", got type "39"
In
/var/log/httpd/access_log
207.44.254.242 - - [30/Mar/2012:02:48:36 -0500] "GET /cs/Satellite/index.html HTTP/1.0" 403 302 "-" "-"
207.44.254.242 - - [30/Mar/2012:02:51:05 -0500] "GET /.ba/ba.php HTTP/1.0" 403 298 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:42 -0500] "GET //mysqladmin/scripts/setup.php HTTP/1.1" 403 255 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:42 -0500] "GET //pHpMyAdMiN/scripts/setup.php HTTP/1.1" 403 255 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:42 -0500] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 403 253 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:42 -0500] "GET //phpMyAdmin1/scripts/setup.php HTTP/1.1" 403 255 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:43 -0500] "GET //phpmy/scripts/setup.php HTTP/1.1" 403 250 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:43 -0500] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 251 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:43 -0500] "GET //dbadmin/scripts/setup.php HTTP/1.1" 403 252 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:43 -0500] "GET //MySQLAdmin/scripts/setup.php HTTP/1.1" 403 256 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:43 -0500] "GET //SQL/scripts/setup.php HTTP/1.1" 403 250 "-" "-"
127.0.0.1 - - [30/Mar/2012:02:03:43 -0500] "GET //web/phpmyadmin/scripts/setup.php HTTP/1.1" 403 257 "-" "-"
::1 - - [30/Mar/2012:02:03:44 -0500] "OPTIONS * HTTP/1.0" 403 297 "-" "Apache/2.2.3 (CentOS) (internal dummy connection)"
::1 - - [30/Mar/2012:02:03:45 -0500] "OPTIONS * HTTP/1.0" 403 297 "-" "Apache/2.2.3 (CentOS) (internal dummy connection)"
::1 - - [30/Mar/2012:02:03:46 -0500] "OPTIONS * HTTP/1.0" 403 297 "-" "Apache/2.2.3 (CentOS) (internal dummy connection)
66.150.14.182 - - [30/Mar/2012:01:54:40 -0500] "GET /ATutor/content/
paypallogin/de/webscr.htm?cmd=SignIn&co_partnerId=2&pUserId=&siteid=0&pageType=&pa1=&i1=&bshowgif=&UsingSSL=&ru=&pp =&pa2=&errmsg=&runameMessage-ID: HTTP/1.1" 403 319 "-" "Mozilla/6.0 (compatible; MSIE 7.01; Windows NT)"
99.41.69.231 - - [30/Mar/2012:02:46:35 -0500] "GET /.ii/ii.php HTTP/1.1" 403 299 "-" "curl/7.18.0 (x86_64-pc-linux-gnu) libcurl/7.18.0 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.1"
207.44.254.242 - - [30/Mar/2012:02:48:36 -0500] "GET /cs/Satellite/index.html HTTP/1.0" 403 302 "-" "-"
207.44.254.242 - - [30/Mar/2012:02:51:05 -0500] "GET /.ba/ba.php HTTP/1.0" 403 298 "-" "-"
61.139.105.164 - - [30/Mar/2012:03:06:14 -0500] "GET http://proxyjudge3.proxyfire.net/fastenv HTTP/1.1" 403 299 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 403 250 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //phpMyAdmin1/scripts/setup.php HTTP/1.1" 403 251 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //phpMyAdmin2/scripts/setup.php HTTP/1.1" 403 251 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //phpadmin/scripts/setup.php HTTP/1.1" 403 248 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //phpmy/scripts/setup.php HTTP/1.1" 403 246 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 246 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //pma/scripts/setup.php HTTP/1.1" 403 245 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //phpAdmin/scripts/setup.php HTTP/1.1" 403 248 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //dbadmin/scripts/setup.php HTTP/1.1" 403 248 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //MySQLAdmin/scripts/setup.php HTTP/1.1" 403 252 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //MyAdmin/scripts/setup.php HTTP/1.1" 403 249 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //sql/scripts/setup.php HTTP/1.1" 403 246 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //SQL/scripts/setup.php HTTP/1.1" 403 246 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //web/phpmyadmin/scripts/setup.php HTTP/1.1" 403 253 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //dbg/scripts/setup.php HTTP/1.1" 403 246 "-" "-"
127.0.0.1 - - [30/Mar/2012:03:10:33 -0500] "GET //libs/scripts/setup.php HTTP/1.1" 403 246 "-" "-"
::1 - - [30/Mar/2012:03:10:34 -0500] "OPTIONS * HTTP/1.0" 403 297 "-" "Apache/2.2.3 (CentOS) (internal dummy connection)"
::1 - - [30/Mar/2012:03:10:35 -0500] "OPTIONS * HTTP/1.0" 403 297 "-" "Apache/2.2.3 (CentOS) (internal dummy connection)"
::1 - - [30/Mar/2012:03:10:36 -0500] "OPTIONS * HTTP/1.0" 403 297 "-" "Apache/2.2.3 (CentOS) (internal dummy connection)"[/COLOR]
In my server I have not installed php and phpmyadmin but some body is accessing my server with phpmyadmin and can anyone explain for the above access_log and messages log
Thanks,