Apache Konfiguration von Ralph Schuler, 19.10.2004 18:50

Apache Konfiguration

Ralph Schuler 19.10.2004 18:50

webserver

Als ich kürzlich die access.log meines Apache 2.x durchstöberte, traute ich meinen Augen kaum. Da hat doch so ein Möchtegernhacker über geschlagene zwei Stunden mit ca. 1500 Versuchen sich versucht Zugriff auf einen, mittels .htaccess geschützten Bereich meines Webservers zu verschaffen. Auszug aus dem Log:

218.148.114.154 - - [16/Oct/2004:06:24:11 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - guest [16/Oct/2004:06:24:11 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:24:12 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - guest [16/Oct/2004:06:24:12 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:24:13 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - guest [16/Oct/2004:06:24:13 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:24:36 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:24:36 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:24:39 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:24:39 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:24:43 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:24:44 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:24:44 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:24:45 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:25:25 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:25:25 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:25:48 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:25:48 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:25:50 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:25:50 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:25:52 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:25:52 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:25:54 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:25:54 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:25:55 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:25:55 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:25:56 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:25:57 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:26:35 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:26:35 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:27:25 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:27:26 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:28:09 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:28:09 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:29:00 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:29:00 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:29:27 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:29:27 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:29:54 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:29:55 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:30:45 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:30:45 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:31:31 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:31:32 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:32:22 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:32:22 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:33:07 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:33:07 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:33:56 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:33:57 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:34:43 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:34:43 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:35:53 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - root [16/Oct/2004:06:35:54 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:36:16 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:36:16 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:36:39 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:36:39 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:37:28 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:37:28 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:40:18 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:40:18 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:40:47 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:40:47 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:40:48 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:40:49 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:40:50 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:40:50 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:41:29 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:41:29 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:42:11 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:42:12 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:43:02 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:43:03 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:43:30 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:43:30 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:43:57 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:43:57 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:44:28 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:44:29 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - - [16/Oct/2004:06:44:53 +0200] "OPTIONS / HTTP/1.1" 401 546
218.148.114.154 - sql [16/Oct/2004:06:44:54 +0200] "OPTIONS /

Nun meine Frage:

Kann man den Apache so konfigurieren, dass er eine solche Dumpfbacke nach z.B. drei fruchtlosen Versuchen für eine bestimmte Zeit sperrt? Und warum wird eigentlich nur der Benutzer und nicht das Passwort mitgelogt? Gibt es da evtl. auch eine Möglichkeit. Würde mich interessieren welche Passwörter er alle durchprobiert hat. Besten Dank.

Gruss Ralph

Beitrag melden

– Informationen zu den Bewertungsregeln

SELFHTML Forum - Ergänzung zur Dokumentation Übersicht

Ralph Schuler: Apache Konfiguration

Beitrag lesen

Apache Konfiguration

Apache Konfiguration