Thread: Log concerns
View Single Post
  #1 (permalink)  
Old 01-08-2009, 02:15 PM
sleepy22 sleepy22 is offline
WebProWorld New Member
  
Join Date: Dec 2008
Posts: 5
sleepy22 RepRank 0
Default Log concerns
Hello,

Please see the log entries below. I am a low tech webmaster. They look suspicious in that the get commands seem to be looking they ought not to. How can I block these type of commands please?

67.159.44.179 - - [08/Jan/2009:09:45:52 -0500] "GET /nonexistenshit HTTP/1.1" 301 325 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.159.44.179 - - [08/Jan/2009:09:45:53 -0500] "GET /mail/bin/msgimport HTTP/1.1" 301 329 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.159.44.179 - - [08/Jan/2009:09:45:53 -0500] "GET /bin/msgimport HTTP/1.1" 301 324 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.159.44.179 - - [08/Jan/2009:09:45:53 -0500] "GET /rc/bin/msgimport HTTP/1.1" 301 327 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.159.44.179 - - [08/Jan/2009:09:45:53 -0500] "GET /roundcube/bin/msgimport HTTP/1.1" 301 334 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.159.44.179 - - [08/Jan/2009:09:45:53 -0500] "GET /webmail/bin/msgimport HTTP/1.1" 301 332 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
209.160.20.37 - - [08/Jan/2009:10:22:46 -0500] "GET / HTTP/1.1" 200 18170 "-" "PycURL/7.18.0"
66.249.67.106 - - [08/Jan/2009:10:32:35 -0500] "GET /images/ID-Theft.jpg HTTP/1.1" 304 - "-" "Googlebot-Image/1.0"
92.48.127.158 - - [08/Jan/2009:10:34:34 -0500] "GET /nonexistenshit HTTP/1.1" 301 325 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
92.48.127.158 - - [08/Jan/2009:10:34:34 -0500] "GET /mail/bin/msgimport HTTP/1.1" 301 329 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
92.48.127.158 - - [08/Jan/2009:10:34:35 -0500] "GET /bin/msgimport HTTP/1.1" 301 324 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
92.48.127.158 - - [08/Jan/2009:10:34:35 -0500] "GET /rc/bin/msgimport HTTP/1.1" 301 327 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
92.48.127.158 - - [08/Jan/2009:10:34:36 -0500] "GET /roundcube/bin/msgimport HTTP/1.1" 301 334 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
92.48.127.158 - - [08/Jan/2009:10:34:36 -0500] "GET /webmail/bin/msgimport HTTP/1.1" 301 332 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
88.198.252.124 - - [08/Jan/2009:10:51:39 -0500] "GET /essay_internet_defamation_libel.html HTTP/1.1" 206 32214 "http://www.cjb.net/" "CJB.NET"
65.55.217.43 - - [08/Jan/2009:11:26:04 -0500] "GET /robots.txt HTTP/1.1" 404 8301 "-" "msnbot-media/1.1 (+http://search.msn.com/msnbot.htm)"
65.55.217.43 - - [08/Jan/2009:11:26:04 -0500] "GET /index.html HTTP/1.1" 200 18170 "-" "msnbot-media/1.1 (+http://search.msn.com/msnbot.htm)"
67.215.231.250 - - [08/Jan/2009:11:31:36 -0500] "GET /nonexistenshit HTTP/1.1" 301 325 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.215.231.250 - - [08/Jan/2009:11:31:36 -0500] "GET /mail/bin/msgimport HTTP/1.1" 301 329 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.215.231.250 - - [08/Jan/2009:11:31:36 -0500] "GET /bin/msgimport HTTP/1.1" 301 324 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.215.231.250 - - [08/Jan/2009:11:31:36 -0500] "GET /rc/bin/msgimport HTTP/1.1" 301 327 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.215.231.250 - - [08/Jan/2009:11:31:36 -0500] "GET /roundcube/bin/msgimport HTTP/1.1" 301 334 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
67.215.231.250 - - [08/Jan/2009:11:31:40 -0500] "GET /webmail/bin/msgimport HTTP/1.1" 301 332 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
119.63.193.56 - - [08/Jan/2009:11:35:59 -0500] "GET /robots.txt HTTP/1.1" 404 8301 "-" "Baiduspider+(+http://www.baidu.com/search/spider_jp.html)"
61.19.246.92 - - [08/Jan/2009:11:43:46 -0500] "GET /nonexistenshit HTTP/1.1" 301 325 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
61.19.246.92 - - [08/Jan/2009:11:43:47 -0500] "GET /mail/bin/msgimport HTTP/1.1" 301 329 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
61.19.246.92 - - [08/Jan/2009:11:43:47 -0500] "GET /bin/msgimport HTTP/1.1" 301 324 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
61.19.246.92 - - [08/Jan/2009:11:43:48 -0500] "GET /rc/bin/msgimport HTTP/1.1" 301 327 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
61.19.246.92 - - [08/Jan/2009:11:43:48 -0500] "GET /roundcube/bin/msgimport HTTP/1.1" 301 334 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
61.19.246.92 - - [08/Jan/2009:11:43:49 -0500] "GET /webmail/bin/msgimport HTTP/1.1" 301 332 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
89.149.209.98 - - [08/Jan/2009:11:45:58 -0500] "GET /nonexistenshit HTTP/1.1" 301 325 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
89.149.209.98 - - [08/Jan/2009:11:45:58 -0500] "GET /mail/bin/msgimport HTTP/1.1" 301 329 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
89.149.209.98 - - [08/Jan/2009:11:45:58 -0500] "GET /bin/msgimport HTTP/1.1" 301 324 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
89.149.209.98 - - [08/Jan/2009:11:45:58 -0500] "GET /rc/bin/msgimport HTTP/1.1" 301 327 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
89.149.209.98 - - [08/Jan/2009:11:45:59 -0500] "GET /roundcube/bin/msgimport HTTP/1.1" 301 334 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
89.149.209.98 - - [08/Jan/2009:11:45:59 -0500] "GET /webmail/bin/msgimport HTTP/1.1" 301 332 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5"
92.48.203.116 - - [08/Jan/2009:12:20:50 -0500] "GET /contact.html HTTP/1.1" 200 52018 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
92.48.203.116 - - [08/Jan/2009:12:20:51 -0500] "POST /PHPMailer.php HTTP/1.1" 200 7768 "http://www.rexxfield.com/contact.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
92.48.203.116 - - [08/Jan/2009:12:20:52 -0500] "GET /PHPMailer.php HTTP/1.1" 200 6795 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
92.48.203.116 - - [08/Jan/2009:12:20:53 -0500] "GET /contact.html HTTP/1.1" 200 52018 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
Last edited by wige; 01-08-2009 at 02:19 PM.
Reply With Quote