The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unknown Visitor Access : Edu.jar - Leh.jar - Set.jar : Is this a malware !

Discussion in 'Security' started by Thindson, Aug 31, 2012.

  1. Thindson

    Thindson Registered

    Joined:
    Aug 31, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    :confused: Today i found a visitor (ip : 109.73.65.188) visited my site with unknown Files : Edu.jar , Leh.jar , Set.jar & a image file with path /img/logo.png. But there is no such files in Cpanel file manager.

    Latest Visitors Section also shows their sizes & status (302 - found)

    [table="width: 500, class: outer_border"]

    IP
    URL
    TIME
    Size (Byte)
    Status

    109.73.65.188
    /Set.jar
    8/30/12 8:21 PM
    215
    302 (Found)

    109.73.65.188
    /Leh.jar
    8/30/12 8:21 PM
    215
    302 (Found)

    109.73.65.188
    /Edu.jar
    8/30/12 8:20 PM
    215
    302 (Found)

    109.73.65.188
    /img/logo.png
    8/30/12 7:26 PM
    217
    302 (Found)

    [/table]

    Image Preview
    Visitor.png

    Tell me Guys, What is this ?? Is it malware activity or any threats !!!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,694
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Re: Unknown Visitor Access : Edu.jar - Leh.jar - Set.jar : Is this a malwar

    Hello :)

    This often happens when an individual or application is "scanning" your website for exploits. The objective is to look for those files on multiple websites in order to find an insecure script so that it can be exploited. The best thing you can do is block the offending IP address through your firewall. It's also possible that a user simply attempted to access files on the wrong domain name by mistake. While your post does not indicate any immediate security threat, it's always a good idea to consult with a qualified system administrator.

    Thank you.
     
Loading...

Share This Page