Hi, From time to time someone tries to access pages that doesn’t exist and I guess that it is good that the administrator can be told that something might be missing. But when the user is obviously up to no good then I deffinetly don’t regard it as an error Timestamp Jul 04, 2020 03:04:34.658 Level Error Node Connector Message 404 - file not found for file: \..\..\..\..\..\..\..\etc/passwd Other examples: 404 - file not found for file: zabbix/ 404 - file not found for file: cacti/ 404 - file not found for file: flex2gateway/httpsecure 404 - file not found for file: PSIA/Custom/SelfExt/userCheck 404 - file not found for file: axis2/axis2-admin/ 404 - file not found for file: dana-na/nc/nc_gina_ver.txt 404 - file not found for file: /cmdownloads/CMDsearch=".base64_decode("dHdxZW5reG51a2J5dmd6")." 404 - file not found for file: CFIDE/administrator/enter.cfm 404 - file not found for file: \..\..\..\..\..\..\..\boot.ini 404 - file not found for file: ..\..\..\..\\..\..\\..\..\\\boot.ini 404 - file not found for file: \../\../\../boot.ini 404 - file not found for file: À.À.\À.À.\À.À.\boot.ini How do you handle this? I don’t want my log to be cluttered by false errors Why is this IP and session not automatically blocked after 100+ attempt within ~2 min? Kind regards Johan Edit 2021-11-22 * I know that this is an old question but now we have these on a daily basis and I am wondering if anyone else have them and what you do about it. A small pick of new ones: 2021-11-22T06:09:55.283054 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 2021-11-22T06:09:55.283069 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:12:36.385590 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: ? 2021-11-22T06:12:36.385608 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:12:41.842528 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 嘍嘊Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:13:05.039010 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 2021-11-22T06:13:05.039030 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:13:23.977662 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 2021-11-22T06:13:23.977681 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:15:12.126284 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 2021-11-22T06:15:12.126301 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:15:39.770396 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: ? 2021-11-22T06:15:39.770422 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:17:43.129852 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 2021-11-22T06:17:43.129869 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:18:07.594302 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 嘍嘊Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:18:14.705806 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: 2021-11-22T06:18:14.705827 [APP/PROC/WEB/0] Testtestesttest:crlfinjection=crlfinjection 2021-11-22T06:19:14.350362 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: .svn/all-wcprops 2021-11-22T06:19:22.913556 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: .svn/all-wcprops 2021-11-22T06:20:51.835727 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/metrics 2021-11-22T06:21:45.782222 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/metrics 2021-11-22T06:21:53.531570 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/metrics 2021-11-22T06:22:06.005028 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/metrics 2021-11-22T06:22:26.079121 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: metrics 2021-11-22T06:23:19.860249 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: metrics 2021-11-22T06:23:40.929787 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: env 2021-11-22T06:23:49.998234 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/env 2021-11-22T06:24:40.420594 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/env 2021-11-22T06:24:47.461018 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/env 2021-11-22T06:25:47.283355 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/env 2021-11-22T06:25:52.421128 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: env 2021-11-22T06:28:04.895432 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: mappings 2021-11-22T06:28:44.537811 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/mappings 2021-11-22T06:29:28.072099 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: mappings 2021-11-22T06:30:04.435876 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/mappings 2021-11-22T06:30:19.497847 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/mappings 2021-11-22T06:30:35.277236 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/mappings 2021-11-22T06:31:06.104801 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: a'"><injectable> 2021-11-22T06:31:31.583116 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: a'"><injectable> 2021-11-22T06:32:07.445426 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: a'"><injectable> 2021-11-22T06:32:30.995976 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: a'"><injectable> 2021-11-22T06:32:53.109398 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/dump 2021-11-22T06:33:35.147924 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/dump 2021-11-22T06:33:42.857301 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: dump 2021-11-22T06:34:24.603020 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: dump 2021-11-22T06:34:51.245343 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: manage/dump 2021-11-22T06:34:57.869263 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: actuator/dump 2021-11-22T06:36:02.550179 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: .git/config 2021-11-22T06:36:43.233930 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: .git/config 2021-11-22T06:37:16.489112 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: stub_status 2021-11-22T06:37:35.370213 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: nginx-health 2021-11-22T06:37:48.694328 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: status 2021-11-22T06:37:56.648428 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: basic_status 2021-11-22T06:38:40.027863 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: status/format/html 2021-11-22T06:38:41.217424 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: nginx_status 2021-11-22T06:38:47.165107 [APP/PROC/WEB/0] ERROR - Connector: 404 - file not found for file: nginx-health
asked
Johan Mattsson
1 answers
0
This way you know at least that somebody is trying to find holes in the system. And indeed it would be nice if system blocked this IP automaticly. It would be nice if somebody from Mendix could give some comments on what the platform does with such vulnerability scans.