On Tue, Apr 22, 2008 at 08:35:17 +0200, Thierry Chatelet (tchatelet@free.fr) wrote: > On Tuesday 22 April 2008 08:14:43 Bob Cox wrote: > > On Tue, Apr 22, 2008 at 07:08:22 +0200, Thierry Chatelet (tchatelet@free.fr) > wrote: > > > Hello > > > I know it's not really debian related, but: > > > A site call ripe.net is trying all sorts of addresses to go inside my > > > sites, like mysite.com/var/www/documents and so on. > > > > That certainly seems like odd behaviour. RIPE is one of the five main > > Internet registries (like ARIN in the US) and is a 'respected' member of > > the Internet community. > > > > http://ripe.net/info/ncc/index.html > > > > As a matter of interest, what do these Apache log entries look like? > > Yes, I was surprise when I went to there site to read about what they are and > what I see in my logs. I dont understand, and, maybe I am getting a bit > paranoïac!! > > Here is an extract of the error log: > > [Sun Apr 20 13:34:51 2008] [error] [client 88.131.106.6] File does not > exist: /var/www/documents.txt > [Sun Apr 20 15:53:35 2008] [error] [client 88.131.106.6] File does not > exist: /var/www/robots.txt > [Sun Apr 20 15:53:35 2008] [error] [client 88.131.106.6] File does not > exist: /var/www/priorites.html > [Sun Apr 20 15:55:19 2008] [error] [client 88.131.106.6] File does not > exist: /var/www/qqimages.html > > It is like that every WE. It fills about 200 lines of errors every WE. > Thierry bob@trantor:~$ host 88.131.106.6 6.106.131.88.in-addr.arpa is an alias for 6.0-26.106.131.88.in-addr.arpa. 6.0-26.106.131.88.in-addr.arpa domain name pointer c06.entireweb.com. A 'whois' on entireweb.com shows it belongs to someone in Sweden. -- Bob Cox. Stoke Gifford, near Bristol, UK. Registered user #445000 with the Linux Counter - http://counter.li.org/
Attachment:
signature.asc
Description: Digital signature