#author("2023-02-05T04:12:56+00:00","","")
#author("2023-02-05T04:13:56+00:00","","")

*There was an attack on phpMyAdmin. The log below is the access log of requests probing for phpMyAdmin vulnerabilities. [#qe4f8424]

*Countermeasures [#ab964b47]

***Put phpMyAdmin behind BASIC authentication using an .htaccess file or similar, and restrict where it can be accessed from. [#cab670ed]

***Change the phpMyAdmin file name to a unique one that cannot be guessed. [#yc468517]

***Avoid installing phpMyAdmin wherever possible. [#rce00e60]

***Update the kernel to a newer version, to prevent root privileges from being taken over. [#y21f7dac]

***Use the latest release: phpMyAdmin 2.11.9.5 or phpMyAdmin 3.1.31. [#x4f3585a]

***Check whether config/config.inc.php exists, and delete it if it does. [#ja42e932]

Partly quoted from:
http://www.nttdata-sec.co.jp/article/vulner/pdf/report20090615.pdf

-----------------------------------------------------------

**The access log in question [#r8f894cf]

 58.242.3.10 - - [30/Jul/2010:23:37:17 +0900] "GET /phpMyAdmin-2.11.1/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.10/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.2/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.3/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.4/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.5/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.6/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:18 +0900] "GET /phpMyAdmin-2.11.7/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.11.8/scripts/setup.php HTTP/1.1" 404 202 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.11.9/scripts/setup.php HTTP/1.1" 404 201 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.2.3/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.2.6/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.3.0/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.3.1/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:19 +0900] "GET /phpMyAdmin-2.3.2/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.3/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.4/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.5/scripts/setup.php HTTP/1.1" 404 199 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.6/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"
 58.242.3.10 - - [30/Jul/2010:23:37:20 +0900] "GET /phpMyAdmin-2.3.7/scripts/setup.php HTTP/1.1" 404 200 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6"

---------------------------------------------
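
The pattern in the access log above (one client requesting scripts/setup.php under many phpMyAdmin version directories within a few seconds) can be picked out of an Apache combined-format log automatically. The following is an added example, not part of the original page; the function name, the thresholds and the sample lines are assumptions made for illustration, and it also lists any probed path that did not return 404, since that is the case the countermeasures above are meant to prevent.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Apache "combined" format, the format of the access log shown above.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+')
# A phpMyAdmin directory (optionally versioned) followed by the setup script.
PROBE_RE = re.compile(r'^/phpmyadmin[^/]*/scripts/setup\.php', re.IGNORECASE)

def find_scanners(lines, min_paths=5, window=timedelta(seconds=60)):
    """Report clients that request >= min_paths distinct setup.php paths
    inside one time window, and which of those paths did not return 404."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if m and PROBE_RE.match(m["path"]):
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            events[m["ip"]].append((ts, m["path"], int(m["status"])))
    report = {}
    for ip, evs in events.items():
        evs.sort()
        best, start, seen = 0, 0, Counter()
        for ts, path, _ in evs:          # two-pointer sliding window
            seen[path] += 1
            while ts - evs[start][0] > window:
                old = evs[start][1]
                seen[old] -= 1
                if not seen[old]:
                    del seen[old]
                start += 1
            best = max(best, len(seen))
        if best >= min_paths:
            # Anything other than 404 means the path exists and needs review.
            found = sorted({p for _, p, s in evs if s != 404})
            report[ip] = {"distinct_paths": best, "not_404": found}
    return report

UA = '"-" "Mozilla/5.0"'
# Constructed sample lines (documentation IP ranges), not from a real server.
SAMPLE_LOG = [
    f'203.0.113.7 - - [30/Jul/2010:23:37:{17 + i // 3:02d} +0900] "GET '
    f'/phpMyAdmin-2.11.{i}/scripts/setup.php HTTP/1.1" {200 if i == 9 else 404} 199 {UA}'
    for i in range(4, 10)
] + [
    f'198.51.100.20 - - [30/Jul/2010:23:40:01 +0900] "GET /index.html HTTP/1.1" 200 512 {UA}',
    f'198.51.100.20 - - [30/Jul/2010:23:40:05 +0900] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 199 {UA}',
]

if __name__ == "__main__":
    for ip, info in find_scanners(SAMPLE_LOG).items():
        print(ip, info)
```

A client whose report shows an empty `not_404` list only hit missing paths; a non-empty list is the signal to check that installation against the countermeasures above.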