Koji probes
Mike McLean
mikem at redhat.com
Mon Oct 20 16:13:23 UTC 2008
Doug Ledford wrote:
> A total of 3 sites probed the server
> 66.249.71.77
> 66.249.71.78
> 66.249.71.79
These reverse map to googlebot.com.
> A total of 6 possible successful probes were detected (the following URLs
> contain strings that match one or more of a listing of strings that
> indicate a possible exploit):
>
> /koji/fileinfo?rpmID=866&filename=/usr/kerberos/bin/kpasswd HTTP Response 200
> /koji/fileinfo?rpmID=1356&filename=/usr/bin/ldappasswd HTTP Response 200
> /koji/fileinfo?rpmID=1954&filename=/usr/bin/vncpasswd HTTP Response 200
> /koji/fileinfo?rpmID=3570&filename=/usr/bin/vncpasswd HTTP Response 200
> /koji/fileinfo?rpmID=3107&filename=/usr/bin/ldappasswd HTTP Response 200
> /koji/fileinfo?rpmID=2686&filename=/usr/kerberos/bin/kpasswd HTTP Response 200
These links are all reachable via the web UI; any crawler might well hit
them. I suggest adding a robots.txt to keep crawlers out.
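
The reverse-lookup check described in the reply, as an added example that is not part of the original post: flagged log entries are split into verified crawler hits and entries that need review, using forward-confirmed reverse DNS. The DNS data, the non-Google addresses and the pairing of IPs with URLs are constructed so the example runs offline; all function names are hypothetical.

```python
import socket

CRAWLER_SUFFIXES = (".googlebot.com",)  # the domain named in the reply above

def system_rdns(ip):
    return socket.gethostbyaddr(ip)[0]          # PTR lookup

def system_forward(host):
    return socket.gethostbyname_ex(host)[2]     # A records

def verify_crawler(ip, rdns=system_rdns, forward=system_forward):
    """Return the crawler hostname if ip passes forward-confirmed reverse DNS, else None."""
    try:
        host = rdns(ip).rstrip(".").lower()
        if not host.endswith(CRAWLER_SUFFIXES):
            return None
        # Whoever controls the reverse zone chooses the PTR, so confirm it forward.
        return host if ip in forward(host) else None
    except OSError:  # socket.herror / socket.gaierror: no PTR or no A record
        return None

def triage(entries, rdns=system_rdns, forward=system_forward):
    """Split flagged (ip, url, status) entries into (verified crawler hits, needs review)."""
    cache, crawler, review = {}, [], []
    for entry in entries:
        ip = entry[0]
        if ip not in cache:
            cache[ip] = verify_crawler(ip, rdns, forward)
        (crawler if cache[ip] else review).append(entry)
    return crawler, review

# Constructed DNS data and log entries (assumptions, not taken from the report).
PTR = {"66.249.71.77": "crawl-66-249-71-77.googlebot.com",
       "203.0.113.5": "crawl-1-2-3-4.googlebot.com"}      # spoofed PTR
A = {"crawl-66-249-71-77.googlebot.com": ["66.249.71.77"],
     "crawl-1-2-3-4.googlebot.com": ["198.51.100.1"]}

def fake_rdns(ip):
    if ip not in PTR:
        raise socket.herror(1, "Unknown host")
    return PTR[ip]

def fake_forward(host):
    if host not in A:
        raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")
    return A[host]

SAMPLE = [
    ("66.249.71.77", "/koji/fileinfo?rpmID=866&filename=/usr/kerberos/bin/kpasswd", 200),
    ("203.0.113.5", "/koji/fileinfo?rpmID=1356&filename=/usr/bin/ldappasswd", 200),
    ("192.0.2.9", "/koji/fileinfo?rpmID=1954&filename=/usr/bin/vncpasswd", 200),
]
```

Calling `triage(entries)` without the fake resolvers uses the system resolver, so run it from a host that is allowed to make DNS queries.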