Created
July 17, 2017 18:45
-
-
Save malwador/7b6582fd4e07f6b39972cf4ff252e978 to your computer and use it in GitHub Desktop.
UK IPs Attacking discoversjds.com XMLRPC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@discoversjds:/var/log/nginx# tail -f access.log | |
| 185.188.204.27 - - [17/Jul/2017:14:43:59 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:00 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:00 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:04 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:04 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:07 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:08 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:09 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:09 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:11 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:13 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:14 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:16 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:18 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:19 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:19 -0400] "POST /xmlrpc.php HTTP/1.0" 502 568 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.25 - - [17/Jul/2017:14:44:22 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| 185.188.204.27 - - [17/Jul/2017:14:44:23 -0400] "POST /xmlrpc.php HTTP/1.0" 499 0 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" | |
| ^C | |
| root@discoversjds:/var/log/nginx# iptables -A INPUT -s 185.188.204.27 -j DROP | |
| root@discoversjds:/var/log/nginx# iptables -A INPUT -s 185.188.204.25 -j DROP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment