A PHP Developer's Blog - Joakim Nygård

About jokke.dk

jokke.dk is the personal website of , a software architect, entrepeneur and Mac user living in Copenhagen, Denmark. Read more »

Search the Site

Looking for a way in

22nd February, 2006

Having set up a dns entry for my iBook at home brings many pleasures, one of which is the interesting entries in my Apache access_log. The following list of unsuccessful requests reveals not only that someone (namely is attempting to find a way in but also what that person is trying: - "POST /xmlrpc.php HTTP/1.1" 404 208 - "POST /blog/xmlrpc.php HTTP/1.1" 404 213 - "POST /blog/xmlsrv/xmlrpc.php HTTP/1.1" 404 220 - "POST /blogs/xmlsrv/xmlrpc.php HTTP/1.1" 404 221 - "POST /drupal/xmlrpc.php HTTP/1.1" 404 215 - "POST /phpgroupware/xmlrpc.php HTTP/1.1" 404 221 - "POST /wordpress/xmlrpc.php HTTP/1.1" 404 218 - "POST /xmlrpc.php HTTP/1.1" 404 208 - "POST /xmlrpc/xmlrpc.php HTTP/1.1" 404 215 - "POST /xmlsrv/xmlrpc.php HTTP/1.1" 404 215

As you can see, none of the above attempts were fruitful.
I did a nslookup on and got tech1.spam.wcbradley.com, not the kind of company whose employees you'd expect to come knocking on your mod_access directive...
Also notice that every request is a POST looking for ways to exploit poor parameter validation. Sigh.

« MacOS X Trojan  –  Outage + Update »