fail2ban question

bernholdt · Aug 29, 2008

After looking trough my apachalog i saw multible entries like this

52 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/phpMyAdmin
[Wed Aug 27 08:49:53 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/PMA
[Wed Aug 27 08:49:53 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/mysql
[Wed Aug 27 08:49:53 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/xampp
[Wed Aug 27 08:49:54 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/typo3
[Wed Aug 27 08:49:54 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/mysqladmin
[Wed Aug 27 08:49:54 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/admin
[Wed Aug 27 08:49:55 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/db
[Wed Aug 27 08:49:55 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/dbadmin
[Wed Aug 27 08:49:56 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/web
[Wed Aug 27 08:49:56 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/admin
[Wed Aug 27 08:49:56 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/admin
[Wed Aug 27 08:49:57 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/phpmyadmin2
[Wed Aug 27 08:49:57 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/phpmyadmin1
[Wed Aug 27 08:49:57 2008] [error] [client 70.164.3.71] File does not exist: /var/www/sharedip/phpadmin
15 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/myadmin
[Thu Aug 28 03:48:15 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin
[Thu Aug 28 03:48:15 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpmy
[Thu Aug 28 03:48:16 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMy
[Thu Aug 28 03:48:16 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/MyAdmin
[Thu Aug 28 03:48:16 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/adm
[Thu Aug 28 03:48:16 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/db
[Thu Aug 28 03:48:17 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/database
[Thu Aug 28 03:48:17 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/admin
[Thu Aug 28 03:48:21 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpadmin
[Thu Aug 28 03:48:21 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/sql
[Thu Aug 28 03:48:21 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/administrator
[Thu Aug 28 03:48:24 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/db_create.php
[Thu Aug 28 03:48:25 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.0
[Thu Aug 28 03:48:25 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.0rc1
[Thu Aug 28 03:48:25 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.0rc2
[Thu Aug 28 03:48:28 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.0rc3-php
[Thu Aug 28 03:48:28 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.0rc3-php3
[Thu Aug 28 03:48:28 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.0-rc4
[Thu Aug 28 03:48:28 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.1
[Thu Aug 28 03:48:28 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.1-rc1
[Thu Aug 28 03:48:28 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.1-rc2
[Thu Aug 28 03:48:29 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.2
[Thu Aug 28 03:48:29 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.2-rc1
[Thu Aug 28 03:48:29 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.3
[Thu Aug 28 03:48:29 2008] [error] [client 87.97.69.23] File does not exist: /var/www/sharedip/phpMyAdmin-2.2.3-rc1
Click to expand...

i am pretty sure that someone is scanning my sharedip directory to get access to my database etc etc.
Isnt there a way to get fail2ban to block these requests ?? i gave been using the fail2ban setup from here, on debial etch

tal56 · Aug 29, 2008

There's no fail2ban filter to block those because a poorly configured webpage with lots of bad links to images etc can cause the same error lines to occur. This could result in blocking a legitamate client.

If you want there is a filter for apache to block script searches .php etc, it's pretty similar and you could edit it to block for these logs.

Log in or Sign up

fail2ban question

bernholdt Member

tal56 Member

Share This Page

Log in or Sign up

fail2ban question

bernholdt Member

tal56 Member

Share This Page

Useful Searches