Re: Ma Debian victime de l'exploit dd_ssh ... Oh my god !

Le
Salokine Terata
Bonjour,

jc2010@aygalenq.net:
Pour le up-to-date probablement pas depuis Avril
Ma version de phpMyAdmin est malheureusement : 4:2.11.8.1-5+lenny3
Dommage pour moi: http://www.debian.org/security/2010/dsa-2034


cornichonva@gmail.com:
Pour l'accès depuis l'exterieur. Il s'agit d'un serveur dédié héber=
gé. Donc besoin de ce type d'accès. Je retiens la solution des ACLs et =
me pose la
question d'un accès sur un port IP dédié avec HTTPS + certificats =
à voir.

Les fichiers relatif à l'exploit étaient stockés dans /tmp, j'ai fait=
une archive: http://www.humyo.fr/FVpDCQY/tmp-dd_ssh-files.7z?a=9xXH2mA72=
fQ

Dans les logs, ce sont les logs Apache qui prouve l'intrusion. J'ai des IP =
mais ce doit être à gars comme moi qui s'est fait piraté même pa=
s je
cherche à savoir, perte de temps je n'ai pas la compétence ni la volont=
é de m'y confronter)

Bref, manque de vigilance de ma part. Loin de moi l'idée de remettre en c=
ause la sécurité du système Debian. Il s'agit bel et bien d'une erreu=
r de ma
part.

Existe-il un programme permettant de réaliser de manière automatique et=
silencieuse la mise à jour "type aptitude safe-upgrade" avec un petit ra=
pport
par mail lorsque des mises à jour ont été installées ou lorsque cel=
les-ci nécessite une intervention humaine ?

Encore merci pour vos réponses et bonne soirée à tous.
Salokine.


Pour finir: Log Apache montrant l'attaque:

193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /nosuichfile.php HTTP/1=
.1" 404 270 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /noxdir/nosuichfile.php=
HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /PMA/scripts/setup.php =
HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /PMA2005/scripts/setup.=
php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;=

rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /admin/mysql/scripts/se=
tup.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /admin/phpmyadmin/scrip=
ts/setup.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /admin/pma/scripts/setu=
p.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /admin/scripts/setup.ph=
p HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /db/scripts/setup.php H=
TTP/1.1" 404 273 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /dbadmin/scripts/setup.=
php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;=

rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /myadmin/scripts/setup.=
php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;=

rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /mysql-admin/scripts/se=
tup.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /mysql/scripts/setup.ph=
p HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /mysqladmin/scripts/set=
up.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /mysqlmanager/scripts/s=
etup.php HTTP/1.1" 404 281 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:31 +0200] "GET /p/m/a/scripts/setup.ph=
p HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /pHpMy/scripts/setup.ph=
p HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /pHpMyAdMiN/scripts/set=
up.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /php-my-admin/scripts/s=
etup.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /php-myadmin/scripts/se=
tup.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyA/scripts/setup.p=
hp HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmi/scripts/setu=
p.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.10.0/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.1/scri=
pts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.10/scr=
ipts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.2/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.3/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.4/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.5/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.6/scri=
pts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.7/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.8/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.11.9/scri=
pts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.2.3/scrip=
ts/setup.php HTTP/1.1" 404 281 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.2.6/scrip=
ts/setup.php HTTP/1.1" 404 281 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.3.0/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.3.1/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.3.2/scrip=
ts/setup.php HTTP/1.1" 404 281 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.3.3/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.3.4/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:32 +0200] "GET /phpMyAdmin-2.3.5/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.3.6/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.3.7/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.3.8/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.3.9/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.0/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.1/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.2/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.3/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.4/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.5/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.6/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.7/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.8/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.4.9/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.0/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.1/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.2/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.3/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.4/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.5-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.5-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.5-rc2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.5/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.6-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.6-rc2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:33 +0200] "GET /phpMyAdmin-2.5.6/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.5.7-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.5.7/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.5.8/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.5.9/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-alpha=
/scripts/setup.php HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows; U; Windows=

NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-alpha=
2/scripts/setup.php HTTP/1.1" 404 288 "-" "Mozilla/5.0 (Windows; U; Windows=

NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-beta1=
/scripts/setup.php HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows; U; Windows=

NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-beta2=
/scripts/setup.php HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows; U; Windows=

NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-pl2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-pl3/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-rc2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0-rc3/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.0/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.1-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.1-pl2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.1-pl3/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.1-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.1-rc2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.1/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.2-beta1=
/scripts/setup.php HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows; U; Windows=

NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.2-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.2-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:34 +0200] "GET /phpMyAdmin-2.6.2/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.3-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.3-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.3/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.4-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.4-pl2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.4-pl3/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.4-pl4/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.4-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.4/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.5/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.6/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.7/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.8/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.6.9/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.0-beta1=
/scripts/setup.php HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows; U; Windows=

NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.0-pl1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.0-pl2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.0-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.0/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.1/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.2/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.3/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.4/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.5/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:35 +0200] "GET /phpMyAdmin-2.7.6/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.7.7/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.7.8/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.7.9/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0-beta1=
/scripts/setup.php HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows; U; Windows=

NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0-rc2/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0.1/scr=
ipts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0.2/scr=
ipts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0.3/scr=
ipts/setup.php HTTP/1.1" 404 284 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0.4/scr=
ipts/setup.php HTTP/1.1" 404 284 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.0/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.1-rc1/s=
cripts/setup.php HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows; U; Windows NT=

5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.1/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.2/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.3/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.4/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.5/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.6/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.7/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.8/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.8.9/scrip=
ts/setup.php HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.9.1/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2.9.2/scrip=
ts/setup.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows; U; Windows NT
5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-2/scripts/s=
etup.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:36 +0200] "GET /phpMyAdmin-3/scripts/s=
etup.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpMyAdmin-4/scripts/s=
etup.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpMyAdmin/scripts/set=
up.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpMyAdmin1/scripts/se=
tup.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpMyAdmin2/scripts/se=
tup.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpMyAds/scripts/setup=
.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-U=
S;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpm/scripts/setup.php=
HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpmanager/scripts/set=
up.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpmy-admin/scripts/se=
tup.php HTTP/1.1" 404 278 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpmy/scripts/setup.ph=
p HTTP/1.1" 404 275 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpmyad-sys/scripts/se=
tup.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpmyad/scripts/setup.=
php HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;=

rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
193.27.193.74 - - [10/Aug/2010:09:32:37 +0200] "GET /phpmyadmin/scripts/set=
up.php HTTP/1.1" 200 2419 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
89.19.18.114 - - [10/Aug/2010:09:36:23 +0200] "GET /w00tw00t.at.ISC.SANS.DF=
ind:) HTTP/1.1" 400 343 "-" "-"
217.195.204.194 - - [10/Aug/2010:09:36:52 +0200] "GET /w00tw00t.at.ISC.SANS=
.DFind:) HTTP/1.1" 400 343 "-" "-"
89.19.18.114 - - [10/Aug/2010:09:40:18 +0200] "GET /w00tw00t.at.ISC.SANS.DF=
ind:) HTTP/1.1" 400 343 "-" "-"
127.0.0.1 - - [10/Aug/2010:09:51:02 +0200] "OPTIONS * HTTP/1.0" 200 - "-" "=
Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch (internal dummy=

connection)"
127.0.0.1 - - [10/Aug/2010:09:51:03 +0200] "OPTIONS * HTTP/1.0" 200 - "-" "=
Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch (internal dummy=

connection)"


-

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers debian-user-french-REQUEST@lists.debian.org
En cas de soucis, contactez EN ANGLAIS listmaster@lists.debian.org
Archive: http://lists.debian.org/201008152344.38477.salokine.terata@free.fr
Vidéos High-Tech et Jeu Vidéo
Téléchargements
Vos réponses
Gagnez chaque mois un abonnement Premium avec GNT : Inscrivez-vous !
Trier par : date / pertinence
Gilles Mocellin
Le #22475381
--nextPart2622995.DLCa3lLQGF
Content-Type: Text/Plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Le Sunday 15 August 2010 23:44:38 Salokine Terata, vous avez écrit :
Bonjour,



Bonsoir,

[...]
Existe-il un programme permettant de réaliser de manière automatique et
silencieuse la mise à jour "type aptitude safe-upgrade" avec un petit
rapport par mail lorsque des mises à jour ont été installées ou l orsque
celles-ci nécessite une intervention humaine ?



Il y a bien unattended-upgrades.
Mais moi, je préfère avoir cron-apt qui me prévient quand il y a des mise à
jour à faire.

--nextPart2622995.DLCa3lLQGF
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAkxoaV0ACgkQDltnDmLJYdDqRgCgrS46kL4hAgAR8G4MvygQTUzI
wRwAmwakt0WSKXTrEOwaqUD+MXcN5PvB
=nMxB
-----END PGP SIGNATURE-----

--nextPart2622995.DLCa3lLQGF--

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
JC
Le #22475461
Pour l'accès depuis l'exterieur. Il s'agit d'un serveur dédià © hébergé. Donc besoin de ce type d'accès. Je retiens la s olution des ACLs et me pose la
question d'un accès sur un port IP dédié avec HTTPS + cert ificats ... à voir.



En effet si un accès phpMyAdmin est absolument nécessaire
la simple mise en place d'un acces en https avec login + mot de passe
devrait déjà limiter fortement l'accès aux fichiers du dit p hpMyAdmin.


Les fichiers relatif à l'exploit étaient stockés dans /tmp , j'ai fait une archive: http://www.humyo.fr/FVpDCQY/tmp-dd_ssh-files.7z?a =9xXH2mA72fQ



Merci. Toujours intéressant de jeter un oeil.


Bref, manque de vigilance de ma part.



Ca nous arrive à tous malheureusement ... pour une raison ou une autr e.


Pour le up-to-date ... probablement pas depuis Avril ...
Ma version de phpMyAdmin est malheureusement : 4:2.11.8.1-5+lenny3
Dommage pour moi: http://www.debian.org/security/2010/dsa-2034

Existe-il un programme permettant de réaliser de manière automa tique et silencieuse la mise à jour "type aptitude safe-upgrade" avec un petit rapport
par mail lorsque des mises à jour ont été installées ou lorsque celles-ci nécessite une intervention humaine ?



Une solution simple peut déjà consister à être inscrit sur

et ainsi voir les failles de sécurité régulièrement ann oncés.
Si t'es concernées tu fais une maj.

Cordialement.

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/
Olivier Lange
Le #22475451
Le 16 août 2010 00:39, JC

Pour l'accès depuis l'exterieur. Il s'agit d'un serveur dédi é hébergé. Donc besoin de ce type d'accès. Je retiens l a solution des ACLs et me pose la
question d'un accès sur un port IP dédié avec HTTPS + cer tificats ... à voir.





Il y a d'autres solutions... Tout d'abords, abandonner l'utilisation
de phpmyadmin, pour des raisons de sécurités telles que celles-la ,
mais surtout... parce que c'est un script php couvert de bug... Et que
tu peux planter ton serveur en voulant exécuter une requête (arr êter
la page stop le script php, mais pas la requête mysql derrière =>
risque de problème).

Je te conseille de passer plutôt par des solutions de type sqlyog ou
mysql editor, ou autre. Et pour éviter d'ouvrir ton serveur mysql a
n'importe qui, un petit vpn, et tu es tranquile. Ou mieux encore, vive
la ligne de commande ;).

Si vraiment tu veux utiliser cet outil, le minimum vital est de mettre
un .htaccess. Ca limitera grandement les accès dessus.


       En effet si un accès phpMyAdmin est absol ument nécessaire
la simple mise en place d'un acces en https avec login + mot de passe
devrait déjà limiter fortement l'accès aux fichiers du dit phpMyAdmin.


Les fichiers relatif à l'exploit étaient stockés dans /tm p, j'ai fait une archive: http://www.humyo.fr/FVpDCQY/tmp-dd_ssh-files.7z?a =9xXH2mA72fQ



       Merci. Toujours intéressant de jeter un o eil.


Bref, manque de vigilance de ma part.



       Ca nous arrive à tous malheureusement ... pour une raison ou une autre.


Pour le up-to-date ... probablement pas depuis Avril ...
Ma version de phpMyAdmin est malheureusement : 4:2.11.8.1-5+lenny3
Dommage pour moi: http://www.debian.org/security/2010/dsa-2034





Oula... Passe dans un premier temps à la version 3.3.5, plutot que de
rester en 2.11!


Existe-il un programme permettant de réaliser de manière autom atique et silencieuse la mise à jour "type aptitude safe-upgrade" avec un petit rapport
par mail lorsque des mises à jour ont été installées ou lorsque celles-ci nécessite une intervention humaine ?





Attention a cela... TU n'est pas a l'abri d'un problème, ou d'une
erreur! La mise a jour automatique, meme en safe-upgrade n'est jamais
conseillée sur un serveur de production! Sysadmin, c'est un boulot à  
plein temps! A toi de faire tes mises à jours régulièrement!

Par contre, tu peux déja installer un logiciel tel que fail2ban, et le
paramétrer pour prendre en compte les pages logs apache. Il te
permettra de bannir un utilisateur ayant rencontré X 404. Ca te
limitera les risques.


Olivier

--
Lisez la FAQ de la liste avant de poser une question :
http://wiki.debian.org/fr/FrenchLists

Pour vous DESABONNER, envoyez un message avec comme objet "unsubscribe"
vers
En cas de soucis, contactez EN ANGLAIS
Archive: http://lists.debian.org/AANLkTi=
Publicité
Poster une réponse
Anonyme