2013年5月3日金曜日

ハッキング?されてるかも

atnd noticeを作って公開してからまだ1週間も経ってないのにハッキングされてるっぽい

/manager/statusを読みにいってるのでtomcatのmanagerを乗っ取ろうとしてるんじゃと恐れてます。
IPみてもus、ロシア、イタリア、とか
なんなんだろう

しきりに/manager/statusにアクセスしてるみたいでrouting errorのままでいいんだけど
ログが多くなるのは嫌なのでコントローラ + アクション を作っといた

rails generate controller manager status

ハッキング対策とかどーしたらいいんだろな。。。。


以下はrailsのログ

----------------------------

Started GET "/manager/status" for 89.97.190.207 at 2013-05-03 16:57:52 +0900

ActionController::RoutingError (No route matches [GET] "/manager/status"):
  actionpack (3.2.13) lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call'
  actionpack (3.2.13) lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
  railties (3.2.13) lib/rails/rack/logger.rb:32:in `call_app'
  railties (3.2.13) lib/rails/rack/logger.rb:16:in `block in call'
  activesupport (3.2.13) lib/active_support/tagged_logging.rb:22:in `tagged'
  railties (3.2.13) lib/rails/rack/logger.rb:16:in `call'
  actionpack (3.2.13) lib/action_dispatch/middleware/request_id.rb:22:in `call'
  rack (1.4.5) lib/rack/methodoverride.rb:21:in `call'
  rack (1.4.5) lib/rack/runtime.rb:17:in `call'
  activesupport (3.2.13) lib/active_support/cache/strategy/local_cache.rb:72:in `call'
  rack (1.4.5) lib/rack/lock.rb:15:in `call'
  rack-cache (1.2) lib/rack/cache/context.rb:136:in `forward'
  rack-cache (1.2) lib/rack/cache/context.rb:245:in `fetch'
  rack-cache (1.2) lib/rack/cache/context.rb:185:in `lookup'
  rack-cache (1.2) lib/rack/cache/context.rb:66:in `call!'
  rack-cache (1.2) lib/rack/cache/context.rb:51:in `call'
  railties (3.2.13) lib/rails/engine.rb:479:in `call'
  railties (3.2.13) lib/rails/application.rb:223:in `call'
  railties (3.2.13) lib/rails/railtie/configurable.rb:30:in `method_missing'
  passenger (3.0.19) lib/phusion_passenger/rack/request_handler.rb:96:in `process_request'
  passenger (3.0.19) lib/phusion_passenger/abstract_request_handler.rb:516:in `accept_and_process_next_request'
  passenger (3.0.19) lib/phusion_passenger/abstract_request_handler.rb:274:in `main_loop'
  passenger (3.0.19) lib/phusion_passenger/rack/application_spawner.rb:206:in `start_request_handler'
  passenger (3.0.19) lib/phusion_passenger/rack/application_spawner.rb:171:in `block in handle_spawn_application'
  passenger (3.0.19) lib/phusion_passenger/utils.rb:470:in `safe_fork'

  passenger (3.0.19) lib/phusion_passenger/rack/application_spawner.rb:166:in `handle_spawn_application'
  passenger (3.0.19) lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  passenger (3.0.19) lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  passenger (3.0.19) lib/phusion_passenger/abstract_server.rb:180:in `start'
  passenger (3.0.19) lib/phusion_passenger/rack/application_spawner.rb:129:in `start'
  passenger (3.0.19) lib/phusion_passenger/spawn_manager.rb:253:in `block (2 levels) in spawn_rack_application'
  passenger (3.0.19) lib/phusion_passenger/abstract_server_collection.rb:132:in `lookup_or_add'
  passenger (3.0.19) lib/phusion_passenger/spawn_manager.rb:246:in `block in spawn_rack_application'
  passenger (3.0.19) lib/phusion_passenger/abstract_server_collection.rb:82:in `block in synchronize'
  <internal:prelude>:10:in `synchronize'
  passenger (3.0.19) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
  passenger (3.0.19) lib/phusion_passenger/spawn_manager.rb:244:in `spawn_rack_application'
  passenger (3.0.19) lib/phusion_passenger/spawn_manager.rb:137:in `spawn_application'
  passenger (3.0.19) lib/phusion_passenger/spawn_manager.rb:275:in `handle_spawn_application'
  passenger (3.0.19) lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  passenger (3.0.19) lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  passenger (3.0.19) helper-scripts/passenger-spawn-server:99:in `<main>'


0 件のコメント:

コメントを投稿