• User Attivo

    Il mio sito è il target di un cracker (più probabile sia un lamer): CHE FARE?

    Come da oggetto.
    Me ne sono accorto leggendo i file di log degli errori 404 generati dal sito.
    Per ora ho solo segnalato la cosa all'hosting provider suggerendogli di incrociarli con i log del server per individuare gli IP e segnalarli alla Polizia postale.

    Voi che fareste oltre a

    • Segnalare la cosa all'hosting
    • Mantenere il CMS aggiornato
    • Fare frequenti copie di backup

    Vi allego il log generato dal sito se foste curiosi di leggerlo

    
    "Nbr","Sef url","Non sef url","Hits","Rank","Date added","Page title","Page description","Page keywords","Page language","Robots tag"
    "1","admin/phpmyadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "2","admin/pma/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "3","admin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "4","db/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "5","dbadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "6","myadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "7","mysql-admin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "8","mysql/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "9","mysqladmin/scripts/setup.php","","2","0","2010-11-22","","","","",""
    "10","mysqlmanager/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "11","null","","1","0","2010-11-22","","","","",""
    "12","p/m/a/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "13","php-my-admin/scripts/setup.php","","2","0","2010-11-22","","","","",""
    "14","php-myadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "15","phpadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "16","phpmanager/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "17","phpmy-admin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "18","phpMyAdmin-2.2.3/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "19","phpMyAdmin-2.2.6/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "20","phpMyAdmin-2.5.1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "21","phpMyAdmin-2.5.4/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "22","phpMyAdmin-2.5.5-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "23","phpMyAdmin-2.5.5-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "24","phpMyAdmin-2.5.5-rc2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "25","phpMyAdmin-2.5.5/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "26","phpMyAdmin-2.5.6-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "27","phpMyAdmin-2.5.6-rc2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "28","phpMyAdmin-2.5.6/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "29","phpMyAdmin-2.5.7-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "30","phpMyAdmin-2.5.7/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "31","phpMyAdmin-2.6.0-alpha/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "32","phpMyAdmin-2.6.0-alpha2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "33","phpMyAdmin-2.6.0-beta1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "34","phpMyAdmin-2.6.0-beta2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "35","phpMyAdmin-2.6.0-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "36","phpMyAdmin-2.6.0-pl2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "37","phpMyAdmin-2.6.0-pl3/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "38","phpMyAdmin-2.6.0-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "39","phpMyAdmin-2.6.0-rc2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "40","phpMyAdmin-2.6.0-rc3/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "41","phpMyAdmin-2.6.0/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "42","phpMyAdmin-2.6.1-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "43","phpMyAdmin-2.6.1-pl2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "44","phpMyAdmin-2.6.1-pl3/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "45","phpMyAdmin-2.6.1-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "46","phpMyAdmin-2.6.1-rc2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "47","phpMyAdmin-2.6.1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "48","phpMyAdmin-2.6.2-beta1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "49","phpMyAdmin-2.6.2-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "50","phpMyAdmin-2.6.2-rc1/scripts/setup.php","","2","0","2010-11-22","","","","",""
    "51","phpMyAdmin-2.6.2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "52","phpMyAdmin-2.6.3-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "53","phpMyAdmin-2.6.3-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "54","phpMyAdmin-2.6.3/scripts/setup.php","","2","0","2010-11-22","","","","",""
    "55","phpMyAdmin-2.6.4-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "56","phpMyAdmin-2.6.4-pl2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "57","phpMyAdmin-2.6.4-pl3/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "58","phpMyAdmin-2.6.4-pl4/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "59","phpMyAdmin-2.6.4-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "60","phpMyAdmin-2.6.4/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "61","phpMyAdmin-2.7.0-beta1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "62","phpMyAdmin-2.7.0-pl1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "63","phpMyAdmin-2.7.0-pl2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "64","phpMyAdmin-2.7.0-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "65","phpMyAdmin-2.7.0/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "66","phpMyAdmin-2.8.0-beta1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "67","phpMyAdmin-2.8.0-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "68","phpMyAdmin-2.8.0-rc2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "69","phpMyAdmin-2.8.0.1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "70","phpMyAdmin-2.8.0.2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "71","phpMyAdmin-2.8.0.3/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "72","phpMyAdmin-2.8.0.4/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "73","phpMyAdmin-2.8.0/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "74","phpMyAdmin-2.8.1-rc1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "75","phpMyAdmin-2.8.1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "76","phpMyAdmin-2.8.2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "77","phpMyAdmin-2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "78","phpMyAdmin/scripts/setup.php","","2","0","2010-11-22","","","","",""
    "79","phpmyadmin1/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "80","phpmyadmin2/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "81","pma/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "82","PMA2005/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "83","scripts/setup.php","","1","0","2010-11-22","","","","",""
    "84","sqlmanager/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "85","sqlweb/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "86","typo3/phpmyadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "87","web/phpMyAdmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "88","web/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "89","webadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "90","webdb/scripts/setup.php","","1","0","2010-11-22","","","","",""
    "91","websql/scripts/setup.php","","2","0","2010-11-22","","","","",""
    "92","xampp/phpmyadmin/scripts/setup.php","","1","0","2010-11-22","","","","",""
    
    

  • Super User

    Siamo nella stessa situazione. Anche io ho log pieni di quelle cose. Che stress... Tanto basta cambiare una minuscola con una maiuscola (almeno sotto Linux dove il sistema è case sensitive) che tutti quei tentativi sono inutili.

    M.


  • User Attivo

    Certamente, ma in realtà io quei software proprio non ce li ho installati sul server 😄 Sono tool che mi mette a disposizione l'hosting ed ai quali accedo da un indirizzo completamente diverso: quindi nessun problema.

    Però, sai, chiedevo almeno per capire se ci fosse qualche altra accortezza per mettere in sicurezza il sito...