• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

a horde bug???

E

euro_gedimas

Guest
YEsterdays my access_log a full of theses lines:


ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:02 +0200] "GET /imp/login.php/ HTTP/1.1" 200 2849 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:02 +0200] "GET / HTTP/1.1" 302 26 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:04 +0200] "GET /login.php?Horde3=bacf0c673f4e6844ef65c5cec9794178 HTTP/1.1" 302 26 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:04 +0200] "GET /js/horde.js?Horde3=4bb5e6dbd33f7cee76e01260e70a26c2 HTTP/1.1" 200 7084 "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:04 +0200] "GET /imp/login.php HTTP/1.1" 200 2799 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /js/enter_key_trap.js?Horde3=4bb5e6dbd33f7cee76e01260e70a26c2 HTTP/1.1" 200 479 "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /themes/screen.css HTTP/1.1" 304 - "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /themes/bluewhite/screen.css HTTP/1.1" 304 - "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /imp/themes/screen.css HTTP/1.1" 304 - "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /imp/themes/bluewhite/screen.css HTTP/1.1" 304 - "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /js/horde.js HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /themes/graphics/horde-power1.png HTTP/1.1" 304 - "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /js/enter_key_trap.js HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:05 +0200] "GET /themes/screen.css HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:06 +0200] "GET /themes/bluewhite/screen.css HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:06 +0200] "GET /imp/themes/screen.css HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:06 +0200] "GET /imp/themes/bluewhite/screen.css HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:11:06 +0200] "GET /themes/graphics/horde-power1.png HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:14:37 +0200] "GET / HTTP/1.1" 302 26 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:14:38 +0200] "GET /login.php?Horde3=00356d2f4fab302e39b46bde7cc92edc HTTP/1.1" 302 26 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:14:37 +0200] "GET /imp/login.php/ HTTP/1.1" 200 2850 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:14:38 +0200] "GET /imp/login.php HTTP/1.1" 200 2799 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:14:38 +0200] "GET /js/horde.js?Horde3=5c7ea842141dfb215791465c04a39f10 HTTP/1.1" 200 7084 "http://webmail.worldconnect.lt/imp/login.php/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
ctv-213-164-109-186.vinita.lt - - [28/Jan/2007:12:14:38 +0200] "GET /js/horde.js HTTP/1.1" 304 - "http://webmail.ilnatele.lt/imp/login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"
Click to expand...

Is it normal? Or there was a horde exploit? :confused: Because it was connecting from different IPT's, and to different domains.
 
You must log in or register to reply here.

Similar threads

J
Issue Default plesk-apache-badbot fail2ban doesn't work
2
Replies
21
Views
8K
Kaspar
K
T
Question Fail2ban trying to setup a rule to ban ai bots
Replies
4
Views
4K
Bitpalast
Bitpalast
M
Question Has my site been attacked?
Replies
8
Views
2K
Peter Debik
P
Azurel
Question unzip access_ssl_log not working as expected
Replies
0
Views
579
Azurel
Azurel
R
Resolved Huge attack on my server from china
Replies
3
Views
12K
rezouali95
R
Back
Top