Create an account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Weird requests from the dark corners of the internet?

#1
I have a http server up. I set it up just to show my IT teacher I could program and deploy Django stuff.

But then I checked the logs, and this came up:
Code:
119.73.233.194 - - [17/May/2012:10:58:27 +0200] "\x8cu\x85}\xdc\x1aT\xc4G\xdf\x8aB\x15\xf9\x1b\x93\\\x1dqq\x1e\xb7\xb7\xddC?:\x95\xc7\x06\xa9`\x14\xc9@\xb5\xad|2\b?+\xb0u\xff" 403 1006 "-" "-"
77.120.230.14 - - [17/May/2012:11:25:23 +0200] "\xcc\xa1\x92\x19\xe4\x8d\xcaH" 403 1006 "-" "-"
94.181.219.40 - - [17/May/2012:11:31:33 +0200] "v\xe0\x0fm\xff\xb3\x89q:\"\xc2\x13\xac\xf0\x9f" 403 1006 "-" "-"
95.85.146.108 - - [17/May/2012:11:40:55 +0200] "\xbbe2t\xc1\xee\xba\x1d\xb3\x16\xd0\xfe\x1e\xba7\xb81\xdd\x82\xb9\x172\xd3/\xbb\x89\xc8PZ\vA\xf9\xc5\xd8\xb5T\x7f\x92\x96\xd6[\xbbc\xd2c\xae\x04" 400 295 "-" "-"

They seem to be hex-encoded strings, but of what encoding I don't know. Or maybe someone is trying to hack me, however I think these are just some robots getting all kinds of errors back (although if they were legitimate robots, wouldn't they get 404's out of my missing robots file)?

What do you guys think?
(08-10-2012, 02:37 AM)Mr. Bougo Wrote: Cloud is the new Web 2.0. It makes no damn sense to me.
Reply

#2
If you got many of those coming from random ip addresses, then I'd assume that those are just bots trying to break into your server, trying some random known exploits. Happens all the time with public ip servers. You'd probably notice these are coming from the same subnets and then you'll be able just cut them out on your firewall.
My contributions to Xonotic: talking in the forum, talking some more, talking a bit in the irc, talking in the forum again, XSkie
Reply

#3
They're all different countries. There's somebody with unresolvable IP from Singapore, two from Ukraine (but different ISPs) and one Russian. Nothing much in between, since I didn't go putting this IP up everywhere, I'd much rather just buy a domain (I heard a UK registrar offers them for 3 pounds a year).
(08-10-2012, 02:37 AM)Mr. Bougo Wrote: Cloud is the new Web 2.0. It makes no damn sense to me.
Reply

#4
whois <ip address>
will give you their isp info and that isp's ip range

You can get domains for free on the OpenNIC DNS network (but they only work for ppl using opennic) - it's a good (costless) option for a personal project. Also there are services like no-ip or dyndns so I don't see a reason to pay for a domain.
My contributions to Xonotic: talking in the forum, talking some more, talking a bit in the irc, talking in the forum again, XSkie
Reply

#5
I'll probably look into OpenNIC, however I don't see much point, aside from evading possible DNS censorship, since I don't think many people use it (although I imagine a lot more will start using it when the aforementioned censorship gets real, but only then).
(08-10-2012, 02:37 AM)Mr. Bougo Wrote: Cloud is the new Web 2.0. It makes no damn sense to me.
Reply

#6
It seems some of the requests match some Nmap behaviour. Two guys landed on the reject list of my firewall for repetition, one from the same subnet as myself. Talk about weird.
(08-10-2012, 02:37 AM)Mr. Bougo Wrote: Cloud is the new Web 2.0. It makes no damn sense to me.
Reply

#7
Yes, as a network admin, I see all this stuff all the time. This is why firewalls are very important.

Like at work, one of our Linux web servers was being port scanned by some script kiddie at the College of Puerto Rico. But Google your IP. You'll see it pops up in whois lists and network assignment blocks all over the internet. Hackers/script kiddies use these lists to "attack".

And for free domains, co.cc is a good choice, there's also .tk
Reply

#8
co.cc is banned on nearly every security browser addon and antivirus lists, cause it got used for loads of malware (meaning you won;t get many visitors and depending on what you use it can be hard for yourself to visit your own site :-P ), also it's really hard to get a reasonable name there, as the spammers got the namespace really used up ;-)
My contributions to Xonotic: talking in the forum, talking some more, talking a bit in the irc, talking in the forum again, XSkie
Reply

#9
Is free .tk just a frame like it used to be, or do they do it the standard way now?
(08-10-2012, 02:37 AM)Mr. Bougo Wrote: Cloud is the new Web 2.0. It makes no damn sense to me.
Reply



Possibly Related Threads…
Thread Author Replies Views Last Post
  Internet Explorer satuim 24 23,467 04-21-2014, 05:10 AM
Last Post: satuim
  Wisdom of Internet anark10n 14 10,648 03-27-2013, 04:59 AM
Last Post: anark10n
  [SOLVED]Experiencing Some Internet Problems anark10n 4 5,290 09-03-2012, 05:40 AM
Last Post: Mr. Bougo
  CleanIT wants to censor EU Internet for "anti-terrorism" Minkovsky 28 27,781 08-21-2012, 03:55 AM
Last Post: Cyber Killer
  Devastating internet censorship plan (new SOPA) to be put in practice from July! MirceaKitsune 21 20,377 06-28-2012, 01:18 PM
Last Post: MirceaKitsune
  Help fight internet censorship and SOPA! MirceaKitsune 22 24,731 03-08-2012, 03:24 PM
Last Post: Maddin
  Super weird forum bug: ZWS inserted in url Mr. Bougo 4 6,728 01-27-2011, 10:41 AM
Last Post: Spaceman
  can anyone help my fail internet. ... 11 10,940 01-27-2011, 10:38 AM
Last Post: Spaceman
  Fee Nex is NOT using Dark Places engine Lee_Stricklin 17 16,179 07-23-2010, 09:58 PM
Last Post: tux9656
  Joanna "Perfect" Dark VS James Bond Lee_Stricklin 9 11,205 04-16-2010, 12:46 AM
Last Post: naryl

Forum Jump:


Users browsing this thread:
1 Guest(s)

Forum software by © MyBB original theme © iAndrew 2016, remixed by -z-