Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
03-13-2006, 09:05 AM
|
#1
|
Member
Registered: May 2004
Location: Atlanta, GA USA
Distribution: Redhat ES4, FC4, FC5, slax, ubuntu, knoppix
Posts: 155
Rep:
|
What are these? Blog bots?
I have been looking at my apache error logs and I see numerous file not found errors for items about 'blog'.
Is this a blog search engine or some sort of hack attempt?
I don't run a blog, and I realy want these scans to stop. I enter them into my blacklist on the firewall, but there are so many it's like spammers.
Anyone have more information?
Ultimately, I would like to close the web ports in the early morning hours when most of these attacks occure.
|
|
|
03-13-2006, 07:21 PM
|
#2
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
There are a number of malicious worms and automated scripts circulating that try to compromise systems running vulnerable versions of PHP, PHP-related software like xmlrpc libs, and other BB software. It might be helpfull if you posted a few examples from your apache log, otherwise I'm purely speculating.
|
|
|
03-15-2006, 12:03 AM
|
#3
|
Member
Registered: May 2004
Location: Atlanta, GA USA
Distribution: Redhat ES4, FC4, FC5, slax, ubuntu, knoppix
Posts: 155
Original Poster
Rep:
|
Ok, it looks like this post has actually asnwered my question. It's the same sort of garbage I am seeing in my apache logs. I have downloaded a few of the auto block programs, I am going to mess around with them.
http://www.linuxquestions.org/questi...d.php?t=422844
|
|
|
All times are GMT -5. The time now is 12:04 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|