Diavola bot

I got hit by this in my nginx access logs, what are some of the things you guys are doing to secure your stacks?

I am using nginx/passenger rails/mysql on a ubuntu 10.04 slice.

Looks like this ended up in a 404, is this something I need to worry about?

157.100.120.2 - - [03/Oct/2010:06:14:53 -0700] "GET /install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

157.100.120.2 - - [03/Oct/2010:06:14:54 -0700] "GET /cart/install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

157.100.120.2 - - [03/Oct/2010:06:14:55 -0700] "GET /zencart/install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

157.100.120.2 - - [03/Oct/2010:06:14:56 -0700] "GET /zen-cart/install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

157.100.120.2 - - [03/Oct/2010:06:14:57 -0700] "GET /zen/install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

157.100.120.2 - - [03/Oct/2010:06:14:58 -0700] "GET /shop/install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

157.100.120.2 - - [03/Oct/2010:06:14:58 -0700] "GET /butik/install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

157.100.120.2 - - [03/Oct/2010:06:14:59 -0700] "GET /zcart/install.txt HTTP/1.1" 404 947 "-" "Toata dragostea mea pentru diavola"

1 Reply

"All my love for the devil" in Romanian => script kiddies trying to figure out if you are running anything that they can attack/compromise. Install something like fail2ban so your logs don't fill up with this rubbish.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct