Does anybody know these IP's?

xray

Member
Apr 5, 2006
18
0
151
Could you please look at my error log (attached). Does anyone recognize these IP's? Why are they asking for files that do not exist on my site? Is this hacking? Data mining? Automatons? Robots?
Does this happen to everyone? Should it be a concern?
Any thoughts would be apopreciated. Thanks.

XRAY
 

Attachments

webignition

Well-Known Member
Jan 22, 2005
1,880
0
166
Your screenshot text is tiny and, due to jpeg compression, is blurry. Consequently, it's quite unreadable. Can you try another screenshot with larger text and saved in a lossless format such as png?

Alternatively, you could just list the IPs.

If you're looking to find the owner of an IP, a good bet is to query the RIPE database - http://whois.ripe.net/
 

nyjimbo

Well-Known Member
Jan 25, 2003
1,136
1
168
New York
xray said:
Could you please look at my error log (attached). Does anyone recognize these IP's? Why are they asking for files that do not exist on my site? Is this hacking? Data mining? Automatons? Robots?
Does this happen to everyone? Should it be a concern?
Any thoughts would be apopreciated. Thanks.

XRAY
Yes most of those look like hack attempts but I wouldnt bother trying to hunt down the IP's. We get hit with those THOUSANDS of times a day on our servers. Many of those hits come from zombie machines performing exploit or dictionary attacks and often the "attacker" is just another hacked machine.

Even if you found out who the soure was all you can do is block them and wait for the next group of attack/hack attempts from another IP.

Hardening your server and installing things like "mod_security" is the only way to disable or reduce these kinds of things.
 

gupi

Well-Known Member
Apr 27, 2004
125
0
166
well, you might also use the following tool:
Code:
http://whois.domaintools.com/10.23.45.67
Change 10.23.45.67 with the desired IP.
 

xray

Member
Apr 5, 2006
18
0
151
Here are those requests and ip's in TEXT

Here are those requests and ip's in TEXT
With WHOIS I found who they are but - am I naive? - what are they hoping to find? None of these files exist (or ever existed) on my server. Thanks to all, again.

XRAY

Fri May 26 05:15:42 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:42 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/blogs/xmlsrv/xmlrpc.php
[Fri May 26 05:15:42 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:42 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/blogs/xmlrpc.php
[Fri May 26 05:15:42 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:42 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/community/xmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/drupal/xmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/blog/xmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/xmlsrv/xmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/xmlrpc/xmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/xmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/ads/adxmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/Ads/adxmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/phpads/adxmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/phpadsnew/adxmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/phpAdsNew/adxmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/adserver/adxmlrpc.php
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:41 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/adxmlrpc.php
[Fri May 26 05:15:40 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 05:15:40 2006] [error] [client 63.247.74.42] File does not exist: /home/"my site"/public_html/a1b2c3d4e5f6g7h8i9/nonexistentfile.php
[Fri May 26 00:17:14 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:17:14 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/pub/horde-cvs/horde/services/help/
[Fri May 26 00:17:13 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:17:13 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/horde-cvs/horde/services/help/
[Fri May 26 00:17:13 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:17:13 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/horde/services/help/
[Fri May 26 00:17:13 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:17:13 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/thisdoesnotexistahaha.php
[Fri May 26 00:10:24 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:10:24 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/pub/horde-cvs/horde/services/help/
[Fri May 26 00:10:24 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:10:24 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/horde-cvs/horde/services/help/
[Fri May 26 00:10:23 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:10:23 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/horde/services/help/
[Fri May 26 00:10:23 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/404.shtml
[Fri May 26 00:10:23 2006] [error] [client 217.160.223.233] File does not exist: /home/"my site"/public_html/thisdoesnotexistahaha.php
[Thu May 25 17:47:31 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/404.shtml
[Thu May 25 17:47:31 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/images/armid1.jpg
[Thu May 25 17:47:30 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/404.shtml
[Thu May 25 17:47:30 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/images/arboth1.jpg
[Thu May 25 17:47:30 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/404.shtml
[Thu May 25 17:47:30 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/images/armid1.jpg
[Thu May 25 17:47:09 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/404.shtml
[Thu May 25 17:47:09 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/images/arhigh4.jpg
[Thu May 25 17:47:09 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/404.shtml
[Thu May 25 17:47:09 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/images/ar_tweet_dome.jpg
[Thu May 25 17:47:09 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/404.shtml
[Thu May 25 17:47:09 2006] [error] [client 67.68.230.112] File does not exist: /home/"my site"/public_html/images/arhigh3.jpg
 

verdon

Well-Known Member
Nov 1, 2003
923
11
168
Northern Ontario, Canada
cPanel Access Level
Root Administrator
Like nyjimbo said, those are random bots and kiddie hackers looking for common vulnerable scripts. Most servers get many many of those a day. Tracking down the IP's is a waste of time mostly. You need to do some reading here about securing your server. There are a number of good how-to's Check out some of the pinned threads to find them.
 

xray

Member
Apr 5, 2006
18
0
151
Thank you everyone for giving me your perspectives! Now I know that much more.

xray