You are not logged in.

Dear visitor, welcome to VDR Portal. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

1

Monday, November 28th 2011, 9:20pm

Webserver Attacke aus China

Mein Linux Server wird derzeit massiv aus China attackiert, über 100 offene Verbindungen zwingen meinen VServer langsam in
die Knie. Scheint irgendein Botnetz zu ein, verschiedene IPs.

Was kann ich dagegen tun, außer meinen Webserver vorrübergehend still zu legen?

EDIT: Wenn ich Apache starte und wieder stoppe sind die Bots sofort wieder verbunden. Könnt ja hergehen und IPs sperren,
aber soviele wie das sind....
- VDR: Thermaltake DH 102 mit 7" TouchTFT * Mystique SaTiX-S2 Dual * Debian Wheezy/vdr-2.1.6/graphtft/MainMenuHooks-Patch * Intel Pentium G3220 * DH87RL * Zotac GT630 * 1 TB System HDD * 4 GB Corsair Vegance * Harmony 900 (39-44W)
- Server: Zotac H55-ITX WiFi, Core i3 540, 4GB RAM, 4x4TB 3.5" WD RED + 1x500GB 2.5", Cine S2, vdr-2.1.6
- vdr-theme-darkred: https://github.com/TheChief79/vdr-theme-darkred

This post has been edited 1 times, last edit by "TheChief" (Nov 28th 2011, 9:25pm)


2

Monday, November 28th 2011, 9:53pm

hast du am vserver linux druff

köntest mit

Quoted

apachetop -d 1 -q -p -f /var/log/apache2/xxxxxxxxx/*.log


mal schauen auf welche dateien die bots zugreifen
und nur diese evtl. tempororär entfernen/umbenennen

oder versuchen die nen ssh /telnet login??

Signatur

Server: ASRock Q1900M + 4GB RAM + cineS2 6.5 + Ubuntu Sever + vdr 2.x , epgsearch, live, dvb-hust, streamdev
Client: Macbook Pro Retina 2013 + 16GB ram 512GB ssd  OSX 10.10 vlc 1.05)
File-Server/client: GA-H_67_N-USB_3-B3 + I3 2105 + 8GB RAM + HD3000 IGP + NVGF 650GTX 1GB, 250 GB-HD (sys)+ 11TB Storage OSX 10.9.5 VLC 1.05 , Remote Buddy, PS3-FB
EHD: D945GCLF2+ 1GB ram, 250gb HDD, mit BM2LTS 1.75A, serial-ir, smt7020s-FB
Cubieboard2: 2x Sundtek DVB-S2, 750GB 2,5 HD, Cubiuntu mit VDR 2.0.6 + epgsearch, live(osdpatch), streamdev(0.6), soft-hd-device
Ausgabe:
Acer H7530D, T.amp Proline1300, 2x K&H sms 54T + horn sub - Eigenbau


Rasczak

Beginner

Posts: 10

Location: Erde

  • Send private message

3

Monday, November 28th 2011, 9:53pm

Hi Chief!

Vielleicht kann Dir das Tool fail2ban weiterhelfen. Hat bei mir auch schon so manche Angreifer automatisch ausgesperrt.

http://www.fail2ban.org/wiki/index.php/Main_Page

Gruß,

Rasczak
VDR 1.7.19 + ExtP-NG V6, Debian Squeeze, 2.6.32-5-686-bigmem Kernel, libxine 1.2, NVIDIA 290.10, ASUS M3N78-EM,
AMD Athlon II X2 240e, 8 GB RAM, NVIDIA GeForce 8300 onboard, TechnoTrend S2-1600, picoPSU, 40 GB SSD

Mein Skin: http://anthra.uk.to

4

Monday, November 28th 2011, 10:18pm

Danke für die Antworten. SSH hab ich mittels denyhosts schon abgesichert, aber fail2ban schau
ich mir mal an. Geht mir echt auf den zeiger, seit Tagen lahmt mein Server und ich dachte, es liegt
an einem Projekt, was ich gerade mache. Stattdessen die Chinesen wieder.

apachetop -d 1 -q -p -f /var/log/apache2/xxxxxxxxx/*.log

Das gibt mir irgendwelche URLs in Massen aus, die ich nicht kenne?! We ist das zu verstehen?

Mal ein Auszug aus der access.log, welche mittlerweile 3GB gross ist.

Source code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
184.22.57.156 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldads.com/imp?Z=728x90&s=2602314&_salt=2057980704&B=12&m=2&u=http%3A%2F%2Fwww.financekeyboard.com%2Findex.php%3Foption%3Dcom_mailto%26tmpl%3Dcomponent%26link%3DaHR0cDovL3d3dy5maW5hbmNla2V5Ym9hcmQuY29tL2luZGV4LnBocD9vcHRpb249Y29tX2NvbnRlbnQmdmlldz1hcnRpY2xlJmlkPTczMTk6MjAxMS0wOS0yOC0yMy00MC00NiZjYXRpZD00MzpuYXRpb25hb&r=1 HTTP/1.0" 302 734 "http://ad.yieldads.com/st?ad_type=iframe&ad_size=728x90&section=2602314" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6"
199.71.213.116 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.globaltakeoff.net/imp?Z=300x250&s=1649765&_salt=1657811927&B=12&m=2&u=http%3A%2F%2Fwww.songsap.com%2F2009%2F11%2Fanitha-o-vanitha-female-song.html&r=1 HTTP/1.0" 302 555 "http://ad.globaltakeoff.net/st?ad_type=iframe&ad_size=300x250&section=1649765" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Alexa Toolbar)"
184.22.58.12 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldads.com/imp?Z=728x90&s=2281810&_salt=1625853597&B=12&m=2&u=http%3A%2F%2Fwww.economicwindows.com%2Findex.php%3Fview%3Darticle%26catid%3D41%253Afinancial-services%26id%3D4837%253A2011-07-06-13-26-56%26tmpl%3Dcomponent%26print%3D1%26layout%3Ddefault%26page%3D%26option%3Dcom_content%26Itemid%3D97&r=1 HTTP/1.0" 302 655 "http://ad.yieldads.com/st?ad_type=iframe&ad_size=728x90&section=2281810" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050925 Firefox/1.0.4 (Debian package 1.0.4-2sarge5)"
125.65.112.161 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/iframe3?AAAAAI5CKAAGWrcAAAAAAJJeLAAAAAAAAgAAAAIAAAAAAP8AAAACF8JLOgAAAAAAvqkRAAAAAADTlToAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABj9RMAAAAAAAIAAwAAAAAAAAAAAAAAAAD5rgmRnOLCPwAAAAAAAAAAtxpMtUOb5z8AAAAAAAAAAF6lyBOe3PA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgtdUn2N8cC6D8mHnCfEwqQ.FznvHpt-SQpsRWAAAAAA==,,http%3A%2F%2Fwww.cubezu.com%2F,B%3D12%26Z%3D300x250%26_salt%3D1997296711%26m%3D2%26r%3D1%26s%3D2638478,ef0bfc64-1a06-11e1-9db2-a7ad0944705f,1322515288049 HTTP/1.0" 200 2553 "http://ad.adnetwork.net/st?ad_type=iframe&ad_size=300x250&section=2638478" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)"
60.168.178.86 - - [28/Nov/2011:22:22:43 +0100] "GET http://captcha.qq.com/getimage?uin=309531006aid=1000101&0.6813680358025792 HTTP/1.0" 200 3251 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
96.44.153.131 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.adorika.com/iframe3?SNNVCt1JKABSDbgAAAAAAOiALAAAAAAAAgAAAAYAAAAAAP8AAAACF1BJOwAAAAAAXeskAAAAAACc3joAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZ-BMAAAAAAAIAAwAAAAAAAAAAAAAAAACamZmQkxHPPwAAAAAAAAAAAAAAviLm1z8AAAAAAAAAAAAAAKPS-uY.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdfNYjCeAcC5hweso9QaFSIiOm9jmuTP.QQFoSAAAAAA==,,http%3A%2F%2Fwww.veryjunketing.com%2Frecipes%2Fgranola-bars.html,B=10%26Z=728x90%26_salt=2296110909%26r=1%26s=2640349,0ca9b6a8-1a07-11e1-9a7c-9fcf235778f0,1322515337736 HTTP/1.0" 302 913 "http://www.veryjunketing.com/recipes/granola-bars.html" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0; .NET CLR 3.0.04506; Media Center PC 5.0; SLCC1)"
61.160.223.134 - - [28/Nov/2011:22:22:44 +0100] "GET http://popunder.popcde.com/pp/ad.js?p=113749&cb=9441489105 HTTP/1.0" 200 0 "http://www.musictvnews.net" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040206 Firefox/0.8"
208.115.212.210 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/imp?Z=728x90&s=795864&_salt=498950724&B=12&m=2&u=http%3A%2F%2Fwww.gametly.com%2Findex.php%3Fparams%3Dgame%2F2099%2FLittle-Britain%2F&r=1 HTTP/1.0" 200 1395 "http://ad.xtendmedia.com/st?ad_type=iframe&ad_size=728x90&section=795864" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Alexa Toolbar)"
184.82.179.149 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.xtendmedia.com/imp?Z=728x90&s=1693711&_salt=1573398208&B=12&m=2&u=http%3A%2F%2Fjjlearn.com%2Findex.php%3Foption%3Dcom_content%26view%3Darticle%26id%3D322%3Aonline-learning-tip-of-the-day-keep-your-online-classroom-discussion-comments-brief-and-to-the-point-%26catid%3D50%3Atip-of-the-day%26Itemid%3D111&r=1 HTTP/1.0" 302 714 "http://ad.xtendmedia.com/st?ad_type=iframe&ad_size=728x90&section=1693711" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.24 Safari/535.1"
72.46.132.26 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/imp?Z=300x250&s=1991344&_salt=585392540&B=12&m=2&u=http%3A%2F%2Fwww.honeywealthy.com%2F&r=1&SIG=10vlgii1b;x-cookie=pv6npdc7q7hf6&o=3&f=7p HTTP/1.0" 200 1542 "http://ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&section=1991344" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0; Alexa Toolbar)"
199.15.113.31 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldads.com/imp?Z=160x600&s=2600807&_salt=112527152&B=12&m=2&u=http%3A%2F%2Ffinancialkownledge.com%2Findex.php%3Foption%3Dcom_content%26view%3Darticle%26id%3D8390%3A2011-09-28-21-11-45%26catid%3D49%3Afinancial-skills%26Itemid%3D99&r=1 HTTP/1.0" 302 645 "http://ad.yieldads.com/st?ad_type=iframe&ad_size=160x600&section=2600807" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101206 Ubuntu/10.10 (maverick) Firefox/3.6.13"
68.68.16.151 - - [28/Nov/2011:22:22:44 +0100] "GET http://ads.adtiger.de/adframe.php?pid=9266&kid=5989&wmid=36146&wsid=1672&dhr=1&uid=18&nvc=1&ord=1322515311&prdclick_1=http%3A%2F%2Fad.reduxmedia.com%2Fclk%3F3%2CeAGdjN2KwjAQhZ.GuyJJJ7WVsBexoXWXpj9sBOudtNVULVm6wahPv7oRH8BhmPPNgXMw0GhOSEAIINjtQoA5xQBdg7owalsPUUrxDPl4FkAQeuU5XbCMkC.Lx3hs2P.EeZU5Ymz.gNp9ZfTQOIF1nFtnLdGxdMTXHdcO37vDUYln8pOxZ3.f6yLkYvGqTDeHTVpf8tvez2SiBK-NkMlJfOM-l63K5GkQaXWpB0EKubJF9Up-eJ4y5mcCbOIn97XWTlX.a.R4NbrdXqeNHu72H2VAW5I%3D%2Chttp%253A%252F%252Fads.adbroker.de%252Fadclick.php%253Ftz%253D1322515334%2526pid%253D3711%2526kid%253D926%2526wmid%253D3932%2526wsid%253D1061%2526uid%253D16162%2526ord%253D1322515311%2526target%253D HTTP/1.0" 200 1918 "http://ad.yieldmanager.com/iframe3?PvGBAL44JwDrCrcAAAAAACNQLAAAAAAAAgAAAAYAAAAAAP8AAAACF3XCNwAAAAAAH0kPAAAAAADXeDoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmkhMAAAAAAAIAAwAAAAAAAAAAAAAAAAAAAKDgqu6wPwAAAAAAAAAAAACAHrgMuj8AAAAAAAAAAAAAALXICcQ.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA87Po798cC5tWDJuFIe9S9VlxdtTHtl2PhAOZAAAAAA==,,http%3A%2F%2Fwww.historytoday.com%2F,B%3D12%26Z%3D728x90%26_salt%3D3744415487%26m%3D2%26r%3D1%26s%3D2570430,fcdf1786-1a06-11e1-b57a-9f0d1bc89509,1322515311242" "Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; el-GR)"
74.91.26.162 - - [28/Nov/2011:22:22:44 +0100] "GET http://imagesrv.adition.com/js/adition.js HTTP/1.0" 200 19199 "http://ad.yieldmanager.com/iframe3?UP1.AJ7sIgDxDLgAAAAAAOiALAAAAAAAAgAAAAIAAAAAAP8AAAACF.WENAAAAAAA7FwhAAAAAACc3joAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6CRMAAAAAAAIAAwAAAAAAAAAAAAAAAAA9CtdsvT.iPwAAAAAAAAAAMzMzCeoR6j8AAAAAAAAAAAAAgHC8R.o.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCeLFr398cC1PUR22msDM7p5mvcKZ0pMOM8R5FAAAAAA==,,http%3A%2F%2Fwww.vietworldkitchen.com%2Fblog%2Fvietnamese-recipe-index.html,B%3D12%26Z%3D300x250%26_salt%3D3936154835%26m%3D2%26r%3D1%26s%3D2288798,f32ec9e8-1a06-11e1-b77f-37d1143d642d,1322515294988" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; MS-RTC LM 8)"
74.91.26.138 - - [28/Nov/2011:22:22:44 +0100] "GET http://adfarm1.adition.com/js?wp_id=431914&clickurl=http://ad.media-servers.net/clk?3,eAGVjFFPgzAQxz.N3pC0lNCZxocy6GKgwSjOrG.aFUqBYbAG46e3W8nevVzuf.e7-x9EpMEJRFCeAJDRfRM1BCKkJFA4htsAEEIwdgQjAIJK9IzmH8m-TV-zsqXXqDpa-o7SK5r89LS96I4lv0WxeHTQLfPdTiKz3nnw31oIna-eR0rX.-KZVjjj6e3Z.hiLmvXcnExZM82zo-U1G.gL1GI8dGXdI.7GepHlSJjU8JuRPgSBtvZzg-gmYi6XZQmbWan2fVRf03noziqU0-g2F-IEAhhDp2Mn5-nOzt8.obbj8AfYX2W7, HTTP/1.0" 200 1622 "http://ad.yieldmanager.com/iframe3?OZkFAEb6GgBUDLgAAAAAAOiALAAAAAAAAgAAAAoAAAAAAP8AAAACF6zKKwAAAAAAVhgFAAAAAACc3joAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKZhEAAAAAAAIAAwAAAAAAAAAAAAAAAAAAAAAUo..lPwAAAAAAAAAAAAAAFKP.9T8AAAAAAAAAAAAAAK8NLQZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjpbJi6N8cC74h1HsNKXVxP0Isa3V9xnv47VExAAAAAA==,,http%3A%2F%2Fwww.freegamesonline.com%2Fgame%2F10141%2Fmicro-trux.html,B%3D12%26Z%3D160x600%26_salt%3D2537366841%26m%3D2%26r%3D1%26s%3D1768006,f8e1d27c-1a06-11e1-afeb-971add17f0c0,1322515304549" "Mozilla/5.0 (Windows; U; Windows NT 6.0; pl; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3"
66.85.188.150 - - [28/Nov/2011:22:22:43 +0100] "GET http://www.picxure.com/css/images/ratings/20000.png HTTP/1.0" 200 4252 "http://www.picxure.com/viewer.php?file=95985841793793765152.png" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
218.204.58.51 - - [28/Nov/2011:22:22:44 +0100] "GET http://feed.peakclick.com/res.php?pin=b688ef0fda96e5809c7f645a69a166&id=1&keyword=best%20buy%20levitra%20generic%20online&num=3&utf=1&ref=http://www.alltheweb.com/search?cat=web&cs=utf8&rys=0&itag=crv&_sb_lang=pref&q=theatre-system&o=310http://www.theatre-system.com/ HTTP/1.0" 200 150 "http://www.theatre-system.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Alexa Toolbar)"
61.147.99.189 - - [28/Nov/2011:22:22:43 +0100] "GET http://popunder.popcde.com/pp/ad.js?p=113519&cb=1670382838 HTTP/1.0" 200 10861 "http://www.flashsh.com" "Mozilla/4.0 (compatible; MSIE 4.01; Windows NT)"
61.160.221.203 - - [28/Nov/2011:22:22:44 +0100] "GET http://popunder.popcde.com/pp/ad.js?p=113840&cb=318324576 HTTP/1.1" 200 10860 "http://tourjunketing.com/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR 1.1.4322)"
208.115.246.18 - - [28/Nov/2011:22:22:44 +0100] "GET http://accado.adspirit.de/adview.php?tz=1322515335&pid=294&kid=41&wmid=805&wsid=64&uid=64&nvc=1&target1=- HTTP/1.0" 200 346 "http://ad.adition.net:80/banner2?lid=91539684586&bid=43022&wpt=H&clickurl=http%3A%2F%2Fib.adnxs.com%2Fclick%3FJzCd1m0Q8j8nMJ3WbRDyPwAAAAAAAPA%5FJzCd1m0Q8j8nMJ3WbRDyP9Bttfdc6sN8ksV7P6Ew%5Fglz%2D9NOAAAAAKnrCgC0AwAAtAMAAAIAAAAtwA8Ami8CAAEAAABVU0QAVVNEACwB%2DgC9NwAARRYAAQMCAQUAAIIAqCRGkQAAAAA.%2Fcnd%3D%210QTxJwjzkAwQrYA%5FGJrfCCAE%2Freferrer%3Dhttp%3A%2F%2Fad.yieldmanager.com%2Fiframe3%3FLbNuADomDgCyBrkAAAAAAISlLAAAAAAAAAAYAAIAAAAAAAQAAQACF.vxGgAAAAAAts0NAAAAAAASJTsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzvgcAAAAAAAIAAwAAAAAAAAAAAAAAAAAAAIArfNu0PwAAAAAAAAAAAAAA28Isxz8AAAAAAAAAAAAAAMGvjdA.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA776lG1t8cCwhFWcjxpoz46vFbhEXbelrLOtfsAAAAAA%3D%3D%2C%2Chttp%253A%252F%252Fwww.ihavenet.com%252Fpolitics%252Fscott%2Dbrown%2Dlesson%2Dfor%2Ddemocrats%2Drecapture%2Dchange%2Dbb.html%2CB%253D12%2526Z%253D300x250%2526%5Fsalt%253D3161073914%2526m%253D2%2526r%253D1%2526s%253D927290%2Cedf62f70%2D1a06%2D11e1%2Da311%2Dbfbbd4d8730e%2C1322515286228%2Fclickenc%3Dhttp%3A%2F%2Fad.xtendmedia.com%2Fclk%3F3%2CeAGdTtlugzAQ.Jq8YcQV2gj1wYSCgjASImoFb2DMEQ4j7OCEry8pqB.Q0Wp3ZlZ7qLpVmvioFGZRFsa7VuiKpeo6wUpRGidNUizLMrSjedKVlwzy8A4d2jvV%2DWlPLfzFJe6Cjb1yAuFlVxGEETy78vzwqs3iTAn3Zuxf2U7.U%2DxlrvA%2DuN4TG1VRFb45yP7b6H216S15pjcsgqtbIyfh6Op2KFZrtHw%2Dgm%2D.T3q.Db3ICBck0vXlHR%2DSVHM%2DHnR40Nw1hBByU2czGQiXMe1Xa6RdwxvMVsow5RzkExUD6AhjdAAlnUBBeoqnjDMwEZyN.D4RgOtsqAjIc7nmffcDvNN1sw%3D%3D%2C" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MSN 9.0; MSNbMSNI; MSNmen-us; MSNcIA; MPLUS)"
184.22.57.37 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldads.com/imp?Z=300x250&s=2127478&_salt=3599806279&B=12&m=2&u=http%3A%2F%2Fwww.qtsfinancial.com%2Findex.php%3Foption%3Dcom_mailto%26tmpl%3Dcomponent%26link%3DaHR0cDovL3d3dy5xdHNmaW5hbmNpYWwuY29tL2luZGV4LnBocD9vcHRpb249Y29tX2NvbnRlbnQmdmlldz1hcnRpY2xlJmlkPTM4Nzc6MjAxMS0wNy0wNi0xMy0yNS0zOCZjYXRpZD00MDpmaW5hbmNpYWwtaW5m&r=1 HTTP/1.0" 302 678 "http://ad.yieldads.com/st?ad_type=iframe&ad_size=300x250&section=2127478" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Alexa Toolbar)"
68.68.16.151 - - [28/Nov/2011:22:22:44 +0100] "GET http://cookex.amp.yahoo.com/v2/cexposer/SIG=13knum4n0/*http%3A//ad.yieldmanager.com/imp?Z=728x90&s=1773342&_salt=599809518&B=12&m=2&u=http%3A%2F%2Fwww.cab4fun.com%2F&r=1 HTTP/1.0" 302 744 "http://ad.media-servers.net/st?ad_type=iframe&ad_size=728x90&section=1773342" "Opera/9.62 (Windows NT 6.0; U; nb) Presto/2.1.1"
125.65.77.106 - - [28/Nov/2011:22:22:44 +0100] "GET http://tag.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=537907&ct=104817&cn=1&epid=&esid=&cf=300X250&rq=1&dw=undefined&cwu=http%3A%2F%2Fwww.juicedcode.com%2F&cwr=&mrnd=36334779&if=0&tl=1&pxy=&cxy=,&dxy=,&tz=-120&ln=en-us,en-us,en-us HTTP/1.0" 302 735 "http://www.juicedcode.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
218.23.163.54 - - [28/Nov/2011:22:22:44 +0100] "GET http://sess.adsmwt.com/session.gif?section=2513912 HTTP/1.0" 200 327 "http://www.osiea.com/sitemap" "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007 Firebird/0.7"
114.97.204.148 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/iframe3?vj13AMUOFwCZKLUAAAAAAPflKwAAAAAAAgAAAAoAAAAAAP8AAAACF-DYIwAAAAAAMzUwAAAAAAAltjkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABm8w4AAAAAAAIAAwAAAAAAAAAAAAAAAAAAAABBn.nTPwAAAAAAAAAAAAAAQZ.54z8AAAAAAAAAAAAAAKYsiew.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzDFk5.d8cC8E.P5A9oFzBW28h7VOMrFDEtbrzAAAAAA==,,http%3A%2F%2Fwww.adadgame.com%2F,B%3D12%26Z%3D160x600%252c120x600%26_salt%3D859275012%26m%3D2%26r%3D1%26s%3D1511109,054398f2-1a07-11e1-ada8-78e3b510dd7c,1322515325323 HTTP/1.0" 200 1406 "http://ad.yieldmanager.com/st?ad_type=iframe&ad_size=160x600,120x600&section=1511109" "Mozilla/4.0 (compatible; MSIE 6.0; Win32)"
76.10.223.181 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/iframe3?BC2OB6-xEwDi57QAAAAAAGTbKwAAAAAAAgAAAAEAAAAAAP8AAAACF.22HwAAAAAANqYXAAAAAABLpjkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwTwwAAAAAAAIAAwAAAAAA-wajZ7rL2j.7BqNnusvaP.sGo2e6y-o.-wajZ7rL6j.YuwZKziPzP9i7BkrOI.M.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxJT9EA-AcC0bTbFx7WI.nuf-cnjcizm6w-ffuAAAAAA==,,http%3A%2F%2Fwww.gamesfy.com%2F,B%3D12%26Z%3D120x600%26_salt%3D520085912%26m%3D2%26r%3D1%26s%3D1290671,08be490a-1a07-11e1-b1c2-f7ea97e86ce1,1322515331160 HTTP/1.0" 200 2024 "http://ad.media-servers.net/st?ad_type=iframe&ad_size=120x600&section=1290671" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2b5) Gecko/20091204 Firefox/3.6b5"
24.186.179.18 - - [28/Nov/2011:22:22:44 +0100] "POST http://core2.proxyswitcher.com/_a758a4fb9e78631bf9e1381d3b58c511.php HTTP/1.1" 200 632 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; .NET CLR 1.1.4322; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)"
89.28.21.131 - - [28/Nov/2011:22:22:43 +0100] "GET http://cousinjamboree.com/?q=node/add/forum HTTP/1.0" 403 6119 "http://cousinjamboree.com/?q=node/add/forum" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.40607)"
68.68.16.151 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.globe7.com/st?ad_type=iframe&ad_size=300x250&section=1653103 HTTP/1.0" 200 4781 "http://www.bored-night.com" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.1; .NET CLR 3.5.30729; .NET CLR 3.0.30618)"
96.44.153.137 - - [28/Nov/2011:22:22:44 +0100] "GET http://cookex.amp.yahoo.com/v2/cexposer/SIG=158nuojd8/*http%3A//ad.yieldmanager.com/imp?Z=728x90&s=2641892&_salt=3691310607&B=10&u=http%3A%2F%2Fwww.skyflashgames.com%2F2011%2F11%2F10%2Fcall-of-duty-modern-warfare-3%2F&r=1 HTTP/1.0" 302 796 "http://ads.creafi-online-media.com/st?ad_type=iframe&ad_size=728x90&section=2641892" "Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; c .NET CLR 3.0.04506; .NET CLR 3.5.30707; InfoPath.1; el-GR)"
72.46.132.26 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/iframe3?jlC1BNONGwBdgLkAAAAAAFfJLAAAAAAAAgAAAAIAAAAAAP8AAAACF4L.LAAAAAAAdCgpAAAAAAAyXjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOlhEAAAAAAAIAAwAAAAAAAAAAAAAAAADtj3hKr5-6PwAAAAAAAAAAmyIPvrwvxj8AAAAAAAAAAAFWgw.psc8.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCG7STAeAcCwQaHr3YuW6RcrchuR2AORz9gQkIAAAAAA==,,http%3A%2F%2Fwww.bunegry.com%2F,B%3D12%26Z%3D300x250%26_salt%3D2861285555%26m%3D2%26r%3D1%26s%3D1805779,07ac67a4-1a07-11e1-9a66-973db02f2682,1322515329365 HTTP/1.0" 200 1507 "http://ad.yieldmanager.com/st?ad_type=iframe&ad_size=300x250&section=1805779" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322; Alexa Toolbar)"
64.237.54.179 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.xtendmedia.com/st?ad_type=iframe&ad_size=160x600&section=1293048 HTTP/1.0" 200 4793 "http://www.spreadfood.com/asparagus-pesto-with-pasta/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Alexa Toolbar)"
74.117.63.107 - - [28/Nov/2011:22:22:44 +0100] "GET http://pixel.quantserve.com/pixel/p-70x45KyHA6cIs.gif?media=ad HTTP/1.0" 200 325 "http://moonhealthylive.com/index.php?view=article&catid=36%3Afamily-and-relationships&id=1597%3A2011-07-16-12-18-37&tmpl=component&print=1&layout=default&page=&option=com_content&Itemid=65" "Mozilla/4.0 (compatible; MSIE 8.0; Linux i686; en) Opera 10.51"
68.68.16.111 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/imp?Z=300x250&s=1596622&_salt=1522295669&B=12&m=2&u=http%3A%2F%2Fwww.bored-face.com%2F&r=1 HTTP/1.0" 302 513 "http://ad.globe7.com/st?ad_type=iframe&ad_size=300x250&section=1596622" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; FunWebProducts; .NET CLR 1.1.4322; Windows-Media-Player/10.00.00.3990; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)"
68.68.16.111 - - [28/Nov/2011:22:22:44 +0100] "GET http://cookex.amp.yahoo.com/v2/cexposer/SIG=13insi8id/*http%3A//ad.yieldmanager.com/imp?Z=728x90&s=1432938&_salt=4110252002&B=12&m=2&u=http%3A%2F%2Fvb.pc4sy.com%2F&r=1 HTTP/1.0" 302 742 "http://ad.globe7.com/st?ad_type=iframe&ad_size=728x90&section=1432938" "Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; YComp 5.0.2.6)"
221.215.112.238 - - [28/Nov/2011:22:22:44 +0100] "GET http://De.hosting.adjug.com/AdJugSearch/Results.aspx?ivi=V3.5+JS&ptcl=&dn=&p=&qs=&aid=2105&slid=130539&height=250&width=300&HTMLOP=False&CacheBuster=[time_stamp] HTTP/1.0" 200 1270 "http://tag.admeld.com/imp/iframe/424/2733/300x250/60360/cc559747074cf81659a4316d51c5ca93/2f25c864-a721-4b73-9460-28efc94ab09b?url=http%3A%2F%2Fwww%2E39games%2Ecom%2F&floor_price=0.00&r=1322515327" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; QQDownload 627; GTB6.6; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.21022; .NET CLR 3.5.30729; .NET CLR 3.0.30729)"
50.93.202.162 - - [28/Nov/2011:22:22:43 +0100] "GET http://stats.ilivid.com/tracking202/static/landing.php?lpip=7531 HTTP/1.0" 200 3830 "http://www.ilivid.com/lp_119_download_manager.htm" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3"
74.91.26.162 - - [28/Nov/2011:22:22:44 +0100] "GET http://ib.adnxs.com/ptj?member=88&size=300x250&inv_code=1755426&referrer=http://www.macgamefiles.com/index.php%3Fcat=1%26sub=118&redir=http%3A%2F%2Fad.yieldmanager.com%2Fst%3Fanmember%3D88%26anprice%3D%7BPRICEBUCKET%7D%26ad_type%3Dad%26ad_size%3D300x250%26section%3D1755426 HTTP/1.0" 302 713 "http://ad.103092804.com/st?ad_type=iframe&ad_size=300x250&section=1755426" "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)"
199.119.204.40 - - [28/Nov/2011:22:22:44 +0100] "GET http://ox-d.smowtion.com/w/1.0/jstag HTTP/1.0" 200 19410 "http://www.financialstreetcore.com/index.php?view=article&catid=41%3Abuy-financial-software&id=6311%3A2011-09-02-22-49-10&tmpl=component&print=1&layout=default&page=&option=com_content&Itemid=97" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 95; Alexa Toolbar)"
61.139.105.162 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.yieldmanager.com/imp?Z=728x90&s=2040643&_salt=3370011803&B=10&u=http%3A%2F%2Fwww.onehealthweb.com%2F&r=1&SIG=10vnrfops;x-cookie=61whpqc7q7hea&o=3&f=bq HTTP/1.0" 200 1522 "http://ad.clovenetwork.com/st?ad_type=iframe&ad_size=728x90&section=2040643" "Mozilla/5.0 (MSIE 7.0; Macintosh; U; SunOS; X11; gu; SV1; InfoPath.2; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648)"
184.173.185.234 - - [28/Nov/2011:22:22:44 +0100] "GET http://fresnoadfed.org/errors/404/ HTTP/1.0" 404 580 "http://fresnoadfed.org/errors/404/" "Mozilla/1.22 (compatible; MSIE 2.0; Windows 95)"
61.139.105.162 - - [28/Nov/2011:22:22:44 +0100] "GET http://cookex.amp.yahoo.com/v2/cexposer/SIG=13oami61k/*http%3A//ad.yieldmanager.com/imp?Z=160x600&s=2093927&_salt=3159591830&B=10&u=http%3A%2F%2Fwww.ehowcar.com%2F?p=589&r=1 HTTP/1.0" 302 748 "http://www.ehowcar.com/?p=589" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; InfoPath.2)"
58.19.1.174 - - [28/Nov/2011:22:22:44 +0100] "GET http://cookex.amp.yahoo.com/v2/cexposer/SIG=13sguggtl/*http%3A//ad.yieldmanager.com/imp?Z=160x600&s=639464&_salt=1995203290&B=12&m=2&u=http%3A%2F%2Frocket-mails.net%2Frm.php&r=1 HTTP/1.0" 302 752 "http://ad.media-servers.net/st?ad_type=iframe&ad_size=160x600&section=639464" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
113.239.44.195 - - [28/Nov/2011:22:22:44 +0100] "GET http://bsf.smowtion.com/pixel.gif?id=1920052 HTTP/1.0" 200 257 "http://makingday.com/index.php?option=com_content&view=article&id=1791:Can-Self-Employed-Receive-Unemployment-Benefits-in-Massachusetts?--&catid=8" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; Maxthon 2.0)"
74.91.26.170 - - [28/Nov/2011:22:22:44 +0100] "GET http://ad.103092804.com/iframe3?wRMAAHf7HQBSDbgAAAAAAOiALAAAAAAAAAAEAAYAAAAAAAUAAQACF6AbMQAAAAAAl64pAAAAAACc3joAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1ZBIAAAAAAAIAAwAAAAAAAAAAAAAAAACOwrXr9i3YPwAAAAAAAAAAMjOz3IKZ4j8AAAAAAAAAAP..P664c.I.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvD7DCCuAcCwWlEvsyshqcj1DKtWggW7dx0w3tAAAAAA==,,http%3A%2F%2Fad.103092804.com%2Fst%3Fad_type%3Diframe%26ad_size%3D728x90%26section%3D1964919,B%3D12%26Z%3D728x90%26_salt%3D146260819%26anmember%3D88%26anprice%3D%26m%3D2%26r%3D1%26s%3D1964919,0d36c61a-1a07-11e1-8c58-78e3b51151dc,1322515338661 HTTP/1.0" 302 1000 "http://ad.103092804.com/st?ad_type=iframe&ad_size=728x90&section=1964919" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)"
220.166.63.73 - - [28/Nov/2011:22:22:45 +0100] "GET http://ad.antventure.com/imp?Z=728x90&s=2426757&_salt=2247916976&B=12&m=2&u=http%3A%2F%2Fwww.pathba.com%2F&r=1 HTTP/1.0" 302 508 "http://ad.antventure.com/st?ad_type=iframe&ad_size=728x90&section=2426757" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.638.0 Safari/534.16"
50.19.164.160 - - [28/Nov/2011:22:22:44 +0100] "GET http://suggestqueries.google.com/complete/search?output=firefox&client=firefox&hl=en-US&q=hexadecimal+time+g HTTP/1.1" 200 357 "-" "-"
76.10.223.181 - - [28/Nov/2011:22:22:45 +0100] "GET http://cookex.amp.yahoo.com/v2/cexposer/SIG=13qb3j7kt/*http%3A//ad.yieldmanager.com/imp?Z=300x250&s=1474503&_salt=1971834580&B=12&m=2&u=http%3A%2F%2Fwww.tvgamedepot.com%2F&r=1 HTTP/1.0" 302 750 "http://ad.adtegrity.net/st?ad_type=iframe&ad_size=300x250&section=1474503" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; YPC 3.2.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; yplus 5.1.04b)"
114.96.102.152 - - [28/Nov/2011:22:22:45 +0100] "GET http://ad.clovenetwork.com/st?ad_type=iframe&ad_size=728x90&section=1909992 HTTP/1.0" 200 4796 "http://www.trafficgogo.com" "Mozilla/4.7 [en] (Win98; I)"
216.24.202.201 - - [28/Nov/2011:22:22:44 +0100] "GET http://adserver.adtech.de/addyn|3.0|59|3199198|0|170|ADTECH;cfp=1;rndc=132251531;loc=100;target=_blank;grp=48;misc=1322533312277;rdclick=http://ad.clovenetwork.com/clk?3,eAGdTt1uwiAUfpreFUNBsE2zC2ZXN1fUTZ1zN0ul1BIVmoVN7dOPtmYPMELgO9.POSfAcUl2O5njoYyiMCeliAOMpYCFEKj0YRzHOESUQIJg6C8vuhln9eKZJY9mJFh3JsU16xFj-xY89dUibP9xSuazeccz9kYPpBfHpW1MD..1Ju-g4rekm3fuIcBmNkr4.V.LyfrKV2v4kbwes1Va8WRr-So98mWgOFoPs81Ds91Mq.lketiilzO.7enyd75fWVt7mHkodVfpXAvZGC0Hwpw6opCXQV05S2pqq4z2cOKkT2G0ldp6iP4oeXZk.mWVOEpHqMKVhNLItUUwCACMACQgiADGAAXOIXLbmYbUWXIhzLe2Su.brJWnToroL6zHfug=,http://ad.clovenetwork.com/clk?3,eAGdTt1uwiAUfpreFUNBsE2zC2ZXN1fUTZ1zN0ul1BIVmoVN7dOPtmYPMELgO9.POSfAcUl2O5njoYyiMCeliAOMpYCFEKj0YRzHOESUQIJg6C8vuhln9eKZJY9mJFh3JsU16xFj-xY89dUibP9xSuazeccz9kYPpBfHpW1MD..1Ju-g4rekm3fuIcBmNkr4.V.LyfrKV2v4kbwes1Va8WRr-So98mWgOFoPs81Ds91Mq.lketiilzO.7enyd75fWVt7mHkodVfpXAvZGC0Hwpw6opCXQV05S2pqq4z2cOKkT2G0ldp6iP4oeXZk.mWVOEpHqMKVhNLItUUwCACMACQgiADGAAXOIXLbmYbUWXIhzLe2Su.brJWnToroL6zHfug=, HTTP/1.0" 200 2909 "http://ad.yieldmanager.com/iframe3?SxnzCLpPKADHo7cAAAAAAGdyLAAAAAAAAgAAAAIAAAAAAP8AAAACF5ONOgAAAAAAV6k5AAAAAACftzoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX-hMAAAAAAAIAAwAAAAAA-CjUgnzDrD83iUFg5dCyP2hmThSii7Q.4XoUrkfhuj8BAHD4wlm9PzMzMzMzM8M.AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMORniwt8cC3RKvR-4RffCoKYEAKfYl3Sn7ZN0AAAAAA==,,http%3A%2F%2Financezone.com%2Findex.php%3Foption%3Dcom_content%26view%3Darticle%26id%3D5669%3A2011-09-05-19-33-21%26catid%3D46%3Aaccounting%26itemid%3D96,B%3D12%26Z%3D300x250%26_salt%3D3899303830%26m%3D2%26r%3D1%26s%3D2641850,e2154d4e-1a06-11e1-b3e8-a3aba8bdcd02,1322515266299" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; Maxthon 2; MAXTHON 2.0)"
62.212.85.153 - - [28/Nov/2011:22:22:44 +0100] "GET http://elibrary.ru:80/item.asp?id=500514 HTTP/1.1" 302 641 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)"
- VDR: Thermaltake DH 102 mit 7" TouchTFT * Mystique SaTiX-S2 Dual * Debian Wheezy/vdr-2.1.6/graphtft/MainMenuHooks-Patch * Intel Pentium G3220 * DH87RL * Zotac GT630 * 1 TB System HDD * 4 GB Corsair Vegance * Harmony 900 (39-44W)
- Server: Zotac H55-ITX WiFi, Core i3 540, 4GB RAM, 4x4TB 3.5" WD RED + 1x500GB 2.5", Cine S2, vdr-2.1.6
- vdr-theme-darkred: https://github.com/TheChief79/vdr-theme-darkred

This post has been edited 1 times, last edit by "TheChief" (Nov 28th 2011, 10:24pm)


5

Monday, November 28th 2011, 10:22pm

DOS-Versuch? DNS-Server Problem der Chinesen?
yaVDR-Doku

Meine VDRs

VDR 1: Point of View Ion-330-1 (Intel Atom 330@1,6 GHz). 2GB, 4TB HDD, KNC One DVB-C, Sundtek MediaTV Pro (DVB-C), Atric IR-Einschalter Rev.5, yaVDR 0.5 testing
VDR 2: Acer Revo 3610, 4GB Ram, 1x HDD 320 GB, Pinnacle PCTV SAT 452e, Medion X10, YaVDR 0.5
VDR 3: Intel DH67BL, Celeron 540, 4 GB Ram, POV Geforce 210 512 MB, 500 GB, DD Duo-flex CT, Arch LInux, VDR 2.1.6, CIR-Empfänger
Client 1: Raspberry Pi Model B, Arch Linux ARM, VDR 2.1.6
vdr-epg-daemon + MariaDB auf Cubietruck mit 32 GB SSD, Arch Linux ARM, optional Sundtek MediaTV Pro III + VDR 2.1.6
Ceterum censeo enchiridia esse lectitanda.

6

Monday, November 28th 2011, 11:10pm

Keine Ahnung, was das ist.

Wie muss denn die fail2ban Regel aussehen, um das abzuwehren?

Kann das eventuell an mod_proxy liegen? Quasi, dass mein Server als Proxy missbraucht wird?
- VDR: Thermaltake DH 102 mit 7" TouchTFT * Mystique SaTiX-S2 Dual * Debian Wheezy/vdr-2.1.6/graphtft/MainMenuHooks-Patch * Intel Pentium G3220 * DH87RL * Zotac GT630 * 1 TB System HDD * 4 GB Corsair Vegance * Harmony 900 (39-44W)
- Server: Zotac H55-ITX WiFi, Core i3 540, 4GB RAM, 4x4TB 3.5" WD RED + 1x500GB 2.5", Cine S2, vdr-2.1.6
- vdr-theme-darkred: https://github.com/TheChief79/vdr-theme-darkred

This post has been edited 1 times, last edit by "TheChief" (Nov 28th 2011, 11:23pm)


KlausiHH

Professional

Posts: 681

Location: Hamburg

Occupation: Web-Developer

  • Send private message

7

Monday, November 28th 2011, 11:42pm

Kann das eventuell an mod_proxy liegen? Quasi, dass mein Server als Proxy missbraucht wird?

Wäre eine Erklärung für die ganzen Requests auf Domains, die sicher nicht alle auf Deinem
Server gehostet sind. Kämen die aufgrund falscher DNS-Einträge zu Dir, würde Dein Apache
dann kaum mit 200er oder 300er Status-Codes antworten.
Ich sehe da ein bedenkliches Problem auf Deinem Server.
Mein VDR: OrigenAE/Amisos X15e, Asrock G41M-GE3, C2D E5700, 4 GB DDR3, WD SATA-HDD 500 GB, Nvidia GT 230 PCIe, TechnoTrend C-1501 + Terratec Cinergy C HD, 7" TFT (GraphTFT, ohne Touch), imon-Empfänger + Harmony 300i, yaVDR 0.4, Frontend xineliboutput, XBMC Eden aus testing, 24" PC-Monitor als Fernseher, 2.1 Boxen-Set Edifier C2 rev2, Kabelprovider Wilhelm Tell (ohne Grundverschlüsselung), 5 TB extern (USB) für Serien und Filme.
Hinweis für Allergiker: Dieser Beitrag kann Spuren von Nüssen enthalten.

This post has been edited 1 times, last edit by "KlausiHH" (Nov 28th 2011, 11:49pm)


8

Tuesday, November 29th 2011, 12:02am

Ich nutze mod_proxy um auf meinem Server intern von besipielsweise Port 80 auf 81 weiterzuleiten (ProxyPass/ProxyPassReverse). Jetz wäre natürlich die Frage, wie ich andere Proxy Anfragen
deaktivieren kann?! Eventuell "ProxyVia Off"?

Im Moment läuft fail2ban und blockt feißig alle Proxy-Anfragen. Ich will aber nicht das Symptom behandeln sondern die Ursache.
- VDR: Thermaltake DH 102 mit 7" TouchTFT * Mystique SaTiX-S2 Dual * Debian Wheezy/vdr-2.1.6/graphtft/MainMenuHooks-Patch * Intel Pentium G3220 * DH87RL * Zotac GT630 * 1 TB System HDD * 4 GB Corsair Vegance * Harmony 900 (39-44W)
- Server: Zotac H55-ITX WiFi, Core i3 540, 4GB RAM, 4x4TB 3.5" WD RED + 1x500GB 2.5", Cine S2, vdr-2.1.6
- vdr-theme-darkred: https://github.com/TheChief79/vdr-theme-darkred

KlausiHH

Professional

Posts: 681

Location: Hamburg

Occupation: Web-Developer

  • Send private message

9

Tuesday, November 29th 2011, 12:07am

Mein VDR: OrigenAE/Amisos X15e, Asrock G41M-GE3, C2D E5700, 4 GB DDR3, WD SATA-HDD 500 GB, Nvidia GT 230 PCIe, TechnoTrend C-1501 + Terratec Cinergy C HD, 7" TFT (GraphTFT, ohne Touch), imon-Empfänger + Harmony 300i, yaVDR 0.4, Frontend xineliboutput, XBMC Eden aus testing, 24" PC-Monitor als Fernseher, 2.1 Boxen-Set Edifier C2 rev2, Kabelprovider Wilhelm Tell (ohne Grundverschlüsselung), 5 TB extern (USB) für Serien und Filme.
Hinweis für Allergiker: Dieser Beitrag kann Spuren von Nüssen enthalten.

10

Tuesday, November 29th 2011, 12:11am

Auf der gleichen Seite war ich auch gerade. Ich glaube mein Problem war aber:

ProxyRequests On <= Das sollte in meinem Fall wohl auf "Off" stehen.

Werds mal beobachten.
- VDR: Thermaltake DH 102 mit 7" TouchTFT * Mystique SaTiX-S2 Dual * Debian Wheezy/vdr-2.1.6/graphtft/MainMenuHooks-Patch * Intel Pentium G3220 * DH87RL * Zotac GT630 * 1 TB System HDD * 4 GB Corsair Vegance * Harmony 900 (39-44W)
- Server: Zotac H55-ITX WiFi, Core i3 540, 4GB RAM, 4x4TB 3.5" WD RED + 1x500GB 2.5", Cine S2, vdr-2.1.6
- vdr-theme-darkred: https://github.com/TheChief79/vdr-theme-darkred