gibt es eine Möglichkeit Angriffe wie den Folgenden frühzeitig zu erkennen, und dann die Angreifer-IP für 2 oder 3 Tage zu blockieren? Also im Prinzip eine Erkennung ob im Anfragestring "phpmyadmin" drin ist. Gibt es eventuell ein Plugin?
Wir haben (gezwungenermaßen) den Apache 2.2.10 unter Windows 2003 Server 64bit.
viele Grüße,
Bul
- Code: Select all
74.95.182.57 - - [21/Nov/2008:03:41:12 +0100] "GET /phpmyadmin/read_dump.php HTTP/1.0" 404 222 "-" "Mozilla/4.0 (compatible; MSIE 5.00; Windows 98)"
74.95.182.57 - - [21/Nov/2008:03:41:12 +0100] "GET /PMA/read_dump.php HTTP/1.0" 404 215 "-" "Mozilla/4.0 (compatible; MSIE 5.00; Windows 98)"
74.95.182.57 - - [21/Nov/2008:03:41:13 +0100] "GET /mysql/read_dump.php HTTP/1.0" 404 217 "-" "Mozilla/4.0 (compatible; MSIE 5.00; Windows 98)"
74.95.182.57 - - [21/Nov/2008:04:17:03 +0100] "GET /phpmyadmin/main.php HTTP/1.0" 404 217 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:03 +0100] "GET /phpMyAdmin/main.php HTTP/1.0" 404 217 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:03 +0100] "GET /db/main.php HTTP/1.0" 404 209 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:03 +0100] "GET /web/main.php HTTP/1.0" 404 210 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:04 +0100] "GET /PMA/main.php HTTP/1.0" 404 210 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:04 +0100] "GET /dbadmin/main.php HTTP/1.0" 404 214 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:04 +0100] "GET /mysql/main.php HTTP/1.0" 404 212 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:04 +0100] "GET /phpmyadmin2/main.php HTTP/1.0" 404 218 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:04 +0100] "GET /phpmyadmin/read_dump.phpmain.php HTTP/1.0" 404 230 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:05 +0100] "GET /PMA/read_dump.phpmain.php HTTP/1.0" 404 223 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:05 +0100] "GET /mysql/read_dump.phpmain.php HTTP/1.0" 404 225 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:05 +0100] "GET /xampp/phpmyadmin/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:05 +0100] "GET /typo3/phpmyadmin/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:05 +0100] "GET /mysqladmin/read_dump.phpmain.php HTTP/1.0" 404 230 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:06 +0100] "GET /admin/read_dump.phpmain.php HTTP/1.0" 404 225 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:06 +0100] "GET /db/read_dump.phpmain.php HTTP/1.0" 404 222 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:06 +0100] "GET /dbadmin/read_dump.phpmain.php HTTP/1.0" 404 227 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:06 +0100] "GET /web/phpMyAdmin/read_dump.phpmain.php HTTP/1.0" 404 234 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:07 +0100] "GET /admin/pma/read_dump.phpmain.php HTTP/1.0" 404 229 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:07 +0100] "GET /admin/phpmyadmin/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:07 +0100] "GET /padmin/read_dump.phpmain.php HTTP/1.0" 404 226 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:07 +0100] "GET /phpmyadmin2/read_dump.phpmain.php HTTP/1.0" 404 231 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:07 +0100] "GET /phpmyadmin1/read_dump.phpmain.php HTTP/1.0" 404 231 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:08 +0100] "GET /phpadmin/read_dump.phpmain.php HTTP/1.0" 404 228 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:08 +0100] "GET /myadmin/read_dump.phpmain.php HTTP/1.0" 404 227 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:08 +0100] "GET /phpMyAdmin-2.2.3/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:08 +0100] "GET /phpMyAdmin-2.2.7-pl1/read_dump.phpmain.php HTTP/1.0" 404 240 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:09 +0100] "GET /phpMyAdmin-2.5.6/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:09 +0100] "GET /phpMyAdmin-2.5.7-pl1/read_dump.phpmain.php HTTP/1.0" 404 240 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:09 +0100] "GET /phpMyAdmin-2.6.0/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:09 +0100] "GET /phpMyAdmin-2.6.0-pl3/read_dump.phpmain.php HTTP/1.0" 404 240 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:09 +0100] "GET /phpMyAdmin-2.6.1-pl3/read_dump.phpmain.php HTTP/1.0" 404 240 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:10 +0100] "GET /phpMyAdmin-2.6.3-pl1/read_dump.phpmain.php HTTP/1.0" 404 240 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:10 +0100] "GET /phpMyAdmin2.6.4-pl4/read_dump.phpmain.php HTTP/1.0" 404 239 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:10 +0100] "GET /phpMyAdmin2.7.0-beta1/read_dump.phpmain.php HTTP/1.0" 404 241 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:10 +0100] "GET /phpMyAdmin2.7.0-rc1/read_dump.phpmain.php HTTP/1.0" 404 239 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:10 +0100] "GET /phpMyAdmin2.7.0/read_dump.phpmain.php HTTP/1.0" 404 235 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:11 +0100] "GET /phpMyAdmin-2.6.4/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:11 +0100] "GET /phpMyAdmin2.7.0-pl1/read_dump.phpmain.php HTTP/1.0" 404 239 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:11 +0100] "GET /p/m/a/read_dump.phpmain.php HTTP/1.0" 404 225 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:11 +0100] "GET /pma/read_dump.phpmain.php HTTP/1.0" 404 223 "-" "-"
74.95.182.57 - - [21/Nov/2008:04:17:12 +0100] "GET /xampp/phpmyadmin/read_dump.phpmain.php HTTP/1.0" 404 236 "-" "-"