Apparent Hack attempt filling partition
Steel City Phantom
scphantm at yahoo.com
Mon Feb 27 13:56:40 PST 2006
It seems that on friday i had some kind of hack scanner hit one of my
servers. it went thru the website looking for scripts, i believe it was
my hosting company that did it with their vulnerability scanner. The
problem is that for some reason, the server was kicked into a loop
failing on a perl script that eventually filled the /var partition with
a 1 gig error log file and brought mysql down for lack of temp space to
run some queries. here is the last snip of the log before it started
repeating the can't open perl script for 1 gig of file. anyone have any
ideas what could have caused that?
the server is running PHP Version 4.3.9, Apache 1.3.33 on bsd 4.10 R2P
/usr/local/www/data/goldsteins/themes/Showroom/images/FooterBack.jpg
[Sun Feb 26 10:25:59 2006] [error] [client 216.153.168.66] File does not
exist: /usr/local/www/data/goldsteins/themes/Showroom/images/FooterBack.jpg
[Sun Feb 26 10:26:07 2006] [error] [client 216.153.168.66] File does not
exist: /usr/local/www/data/goldsteins/themes/Showroom/images/FooterBack.jpg
[Sun Feb 26 11:41:06 2006] [error] [client 83.179.151.230] File does not
exist: /usr/local/www/data/interiors/index2.php
[Sun Feb 26 11:41:14 2006] [error] [client 83.179.151.230] File does not
exist: /usr/local/www/data/interiors/mambo/index2.php
[Sun Feb 26 11:41:16 2006] [error] [client 83.179.151.230] File does not
exist: /usr/local/www/data/interiors/cvs/index2.php
[Sun Feb 26 11:41:20 2006] [error] [client 83.179.151.230] File does not
exist: /usr/local/www/data/interiors/articles/mambo/index2.php
wget: not found
mv: ping.txt: No such file or directory
wget: not found
curl: not found
curl: not found
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
Can't open perl script "temp2006": No such file or directory
More information about the freebsd-questions
mailing list