El chino jorge …

Ya decía yo que lo de la tranquilidad iba a durar poco, el chino jorge ha estado dando caña a algunos de los servidores buscando PHPmyamins petables, nada que no suceda cada dia … salvo por lo del “Jorgee” que hace mas gracia.


Ya decía yo que lo de la tranquilidad iba a durar poco, el chino jorge ha estado dando caña a algunos de los servidores buscando PHPmyamins petables, nada que no suceda cada dia … salvo por lo del “Jorgee” que hace mas gracia.

Todo cosas de este estilo.

114.225.50.118 – – [26/Feb/2016:13:14:51 +0100] “HEAD http://91.121.9.127:80/admin/ HTTP/1.1” 404 273 “-” “Mozilla/5.0 Jorgee”
114.225.50.118 – – [26/Feb/2016:13:14:50 +0100] “HEAD http://91.121.9.127:80/PMA2015/ HTTP/1.1” 404 273 “-” “Mozilla/5.0 Jorgee”
114.225.50.118 – – [26/Feb/2016:13:14:50 +0100] “HEAD http://91.121.9.127:80/PMA2014/ HTTP/1.1” 404 273 “-” “Mozilla/5.0 Jorgee”
114.225.50.118 – – [26/Feb/2016:13:14:50 +0100] “HEAD http://91.121.9.127:80/PMA2013/ HTTP/1.1” 404 273 “-” “Mozilla/5.0 Jorgee”
114.225.50.118 – – [26/Feb/2016:13:14:49 +0100] “HEAD http://91.121.9.127:80/PMA2012/ HTTP/1.1” 404 273 “-” “Mozilla/5.0 Jorgee”
114.225.50.118 – – [26/Feb/2016:13:14:49 +0100] “HEAD http://91.121.9.127:80/PMA2011/ HTTP/1.1” 404 273 “-” “Mozilla/5.0 Jorgee”

http://vms.drweb-av.es/virus/?i=4658168
https://www.webmasterworld.com/search_engine_spiders/4755206.htm

Y mas … otro trozo de logs de lo mas curioso …

31.177.98.138 – – [21/Feb/2016:22:24:11 +0100] “GET /co HTTP/1.1” 404 13480 “-” “WhatsApp/2.12.453 A”
31.177.98.138 – – [21/Feb/2016:22:24:11 +0100] “GET /con HTTP/1.1” 404 13480 “-” “WhatsApp/2.12.453 A”
31.177.98.138 – – [21/Feb/2016:22:24:11 +0100] “GET /cont HTTP/1.1” 404 13480 “-” “WhatsApp/2.12.453 A”
31.177.98.138 – – [21/Feb/2016:22:24:11 +0100] “GET /conte HTTP/1.1” 404 13480 “-” “WhatsApp/2.12.453 A”
31.177.98.138 – – [21/Feb/2016:22:24:11 +0100] “GET /content HTTP/1.1” 404 24884 “-” “WhatsApp/2.12.453 A”

De este no he conseguido encontrar nada …

Y seguimos con los intentos … ahora por ssh.

Feb 20 08:34:36 ns362870 sshd[10473]: User root from 117.21.225.103 not allowed because not listed in AllowUsers
Feb 20 08:34:24 ns362870 sshd[10471]: User root from 117.21.225.103 not allowed because not listed in AllowUsers
Feb 20 08:34:18 ns362870 sshd[10469]: User root from 117.21.225.103 not allowed because not listed in AllowUsers
Feb 20 08:34:11 ns362870 sshd[10463]: User root from 117.21.225.103 not allowed because not listed in AllowUsers
Feb 20 08:34:01 ns362870 sshd[10354]: User root from 117.21.225.103 not allowed because not listed in AllowUsers
Feb 20 08:33:45 ns362870 sshd[10352]: User root from 117.21.225.103 not allowed because not listed in AllowUsers
Feb 20 08:33:30 ns362870 sshd[10350]: User root from 117.21.225.103 not allowed because not listed in AllowUsers

Los chinos … de los cojones … horas y horas probando combinaciones …