[prev in list] [next in list] [prev in thread] [next in thread]
List: centos-de
Subject: [CentOS-de] fail2ban und Webserverlog
From: Andreas Reschke <centos_ml () rirasoft ! de>
Date: 2012-02-04 18:49:37
Message-ID: 4F2D7DC1.1010107 () rirasoft ! de
[Download RAW message or body]
Hallo zusammen,
ich habe alle meine Services (postfix, dovecot, sasl, usw) mit fail2ban
abgesichert, nur folgende "Fehler" bekomme ich nicht geregelt:
404 Not Found
//%0D/scripts/setup.php: 2 Time(s)
//3rdparty/phpMyAdmin/scripts/setup.php: 1 Time(s)
//81/phpmyadmin/scripts/setup.php: 1 Time(s)
//Admin/: 1 Time(s)
//Admin/scripts/setup.php: 1 Time(s)
//MyAdmin/: 1 Time(s)
//MyAdmin/scripts/setup.php: 1 Time(s)
//MySQLAdmin/scripts/setup.php: 1 Time(s)
//PHPMYADMIN/scripts/setup.php: 2 Time(s)
//PMA/: 1 Time(s)
//PMA/scripts/setup.php: 2 Time(s)
//PMA2/scripts/setup.php: 1 Time(s)
//PMA2009/scripts/setup.php: 2 Time(s)
//PMA3/scripts/setup.php: 2 Time(s)
//SQL/scripts/setup.php: 2 Time(s)
//SSLMySQLAdmin/scripts/setup.php: 1 Time(s)
//_PHPMYADMIN/scripts/setup.php: 2 Time(s)
//_admin/scripts/setup.php: 1 Time(s)
//_pHpMyAdMiN/scripts/setup.php: 2 Time(s)
//_phpMyAdmin/scripts/setup.php: 1 Time(s)
//_phpmyadmin/scripts/setup.php: 1 Time(s)
//admin/: 1 Time(s)
//admin/mysql/scripts/setup.php: 2 Time(s)
Folgenden Eintag habe ich in /etc/fail2ban/filter.d/apache.conf:
failregex = [[]client <HOST>[]] (File does not exist|script not found or
unable to stat): .*(\.php|\.asp|\.exe|\.pl)
Und die Überprüfung:
[root@web ~]# fail2ban-regex /var/log/httpd/error_log
/etc/fail2ban/filter.d/apache.conf
/usr/share/fail2ban/server/filter.py:430: DeprecationWarning: the md5
module is deprecated; use hashlib instead
import md5
Running tests
=============
Use regex file : /etc/fail2ban/filter.d/apache.conf
Use log file : /var/log/httpd/error_log
Results
=======
Failregex
|- Regular expressions:
| [1] [[]client <HOST>[]] (File does not exist|script not found or
unable to stat): .*(\.php|\.asp|\.exe|\.pl)
|
`- Number of matches:
[1] 0 match(es)
Ignoreregex
|- Regular expressions:
|
`- Number of matches:
Summary
=======
Sorry, no match
Wie kann ich dochnoch solche Abfrageversuche mit fail2ban stoppen?
Gruß
Andreas
--
_______________________________________________
CentOS-de mailing list
CentOS-de@centos.org
http://lists.centos.org/mailman/listinfo/centos-de
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic