Apache Exploitation Attempts
9 July, 2013 - 21:51
Looks like our lamers are upping their game. They're going to have to up it a bit higher than this...
Jul 9 21:01:53 shinra kernel: grsec: From 177.36.211.170: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:12098] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:11984] uid/euid:0/0 gid/egid:0/0
Jul 9 21:02:04 shinra kernel: grsec: From 71.77.207.28: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:12092] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:11984] uid/euid:0/0 gid/egid:0/0
Jul 9 21:02:18 shinra kernel: grsec: From 71.183.234.239: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:12077] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:11984] uid/euid:0/0 gid/egid:0/0
Jul 9 21:21:14 shinra kernel: grsec: From 94.228.34.203: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13104] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13019] uid/euid:0/0 gid/egid:0/0
Jul 9 21:21:32 shinra kernel: grsec: From 5.254.143.41: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13120] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13019] uid/euid:0/0 gid/egid:0/0
Jul 9 21:02:04 shinra kernel: grsec: From 71.77.207.28: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:12092] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:11984] uid/euid:0/0 gid/egid:0/0
Jul 9 21:02:18 shinra kernel: grsec: From 71.183.234.239: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:12077] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:11984] uid/euid:0/0 gid/egid:0/0
Jul 9 21:21:14 shinra kernel: grsec: From 94.228.34.203: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13104] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13019] uid/euid:0/0 gid/egid:0/0
Jul 9 21:21:32 shinra kernel: grsec: From 5.254.143.41: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13120] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[/usr/sbin/apach:13019] uid/euid:0/0 gid/egid:0/0
Not sure how many of these we'll post, as they're not as amusing as the other stuff...