Solution to the question:
And I need to reach it from outside.
OK. But if you are the only one who needs to get in there, there probably won't be infinitely many places from which access has to be allowed.
netstat -a, cat /etc/passwd, cat /etc/crontab
you could also find out which worm it is and then try to find specific instructions; it could be, for example, Linux.MuDrop.14 or Linux.Darlloz
and is it an HP MicroServer? :)
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
Debian-exim:x:101:103::/var/spool/exim4:/bin/false
statd:x:102:65534::/var/lib/nfs:/bin/false
messagebus:x:103:106::/var/run/dbus:/bin/false
avahi:x:104:107:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
usbmux:x:105:46:usbmux daemon,,,:/home/usbmux:/bin/false
festival:x:107:29::/home/festival:/bin/false
haldaemon:x:109:115:Hardware abstraction layer,,,:/var/run/hald:/bin/false
pulse:x:110:118:PulseAudio daemon,,,:/var/run/pulse:/bin/false
saned:x:111:121::/home/saned:/bin/false
ntp:x:106:110::/home/ntp:/bin/false
colord:x:112:122:colord colour management daemon,,,:/var/lib/colord:/bin/false
hplip:x:113:7:HPLIP system user,,,:/var/run/hplip:/bin/false
rtkit:x:114:123:RealtimeKit,,,:/proc:/bin/false
mdm:x:108:112:MDM Display Manager:/var/lib/mdm:/bin/false
pfemir:x:1000:1000:MP:/home/pfemir:/bin/bash
dnsmasq:x:115:65534:dnsmasq,,,:/var/lib/misc:/bin/false
fetchmail:x:116:65534::/var/lib/fetchmail:/bin/false
proftpd:x:119:65534::/var/run/proftpd:/bin/false
ftp:x:120:65534::/srv/ftp:/bin/false
mysql:x:121:126:MySQL Server,,,:/nonexistent:/bin/false
postfix:x:122:127::/var/spool/postfix:/bin/false
anita:x:1001:100:AP:/home/anita:/bin/sh
johanka:x:1002:100:JP:/home/johanka:/bin/sh
webuser:x:1003:1001::/home/webuser:/bin/sh
WDLive:x:1004:1002:WDLive:/home/WDLive:/bin/sh
dovecot:x:117:125:Dovecot mail server,,,:/usr/lib/dovecot:/bin/false
dovenull:x:118:65534:Dovecot login user,,,:/nonexistent:/bin/false
munin:x:123:129::/var/lib/munin:/bin/false
sshd:x:124:65534::/var/run/sshd:/usr/sbin/nologin
server:x:1005:100:Server:/home/server:/bin/sh
web-runner:x:1006:1001::/home/web-runner:/bin/sh
ET9100:x:1007:1003:ET9100:/home/ET9100:/bin/sh
find / -iname 'authorized_keys'; it is especially suspicious in /home/something/.ssh, I would rename all the unknown ones
and then maybe also find / -iname '.rlogin'
and find / -iname '.rhosts'
that would probably rule out logging in
Well, I happen to know all of these, I created them myself. And if I'm not mistaken, www-data is created automatically when Apache is installed.
In /etc/shadow I have encrypted passwords only for the accounts I know; the others have just "*". www-data also has just "*".
find / -iname 'authorized_keys', find / -iname '.rlogin' and find / -iname '.rhosts' found nothing at all.
And is there a way to find the hole?
And one more thing I don't understand: how can someone get into my /tmp through Apache? I would still understand them getting into the directory where I have my web pages, i.e. /home/webuser/www
For next time I recommend backing up at least the configuration
And what should I understand by configuration? Because I'm an amateur, I set up everything I can through Webmin. I also have the configurations of all modules backed up in it. The problem, however, is that today Webmin is X versions further along and it no longer accepts some of those configurations. Not to mention that when, for example, I was doing something in PHP and it just would not work, after X sleepless nights I read somewhere that I had to install some additional library. That, of course, is not stored in any configuration, and today I no longer know which one it was. And I ran into problems like that countless times during that year of debugging.
That's why I also made an image of the whole disk, but that was 4-5 years ago, so it is no longer current.
How do you handle server backups?
Even if you did find out how the person gets in, that doesn't mean they haven't left themselves some other back door
But if I don't find out and fix it, they'll get in again.
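The checks discussed in this post (login shells in /etc/passwd, "*" entries in /etc/shadow, and the searches for authorized_keys, .rhosts and .rlogin) combined into one script. This is an added example, not code from any poster: the function names and the shadow lines are constructed, and the passwd lines are taken from the listing above.

```shell
#!/bin/sh
# Added example: list every account that has some way to log in.

# audit_logins PASSWD SHADOW [ROOT]
# Prints one line per account that either has a login shell together with a
# password that is not locked, or has an SSH/rsh trust file in its home.
# ROOT is an optional prefix for the home directories (for a mounted disk image).
audit_logins() {
    al_passwd=$1 al_shadow=$2 al_root=${3:-}
    awk -F: '
        side == "shadow" { pw[$1] = $2; seen[$1] = 1; next }
        {
            if (!($1 in seen))          state = "NOSHADOW"
            else if (pw[$1] == "")      state = "EMPTY"    # no password needed
            else if (pw[$1] ~ /^[!*]/)  state = "LOCKED"   # "*" or "!": no password login
            else                        state = "HASH"
            login = ($7 ~ "/(false|nologin)$") ? "no" : "yes"
            printf "%s:%s:%s:%s:%s\n", $1, $3, $6, login, state
        }
    ' side=shadow "$al_shadow" side=passwd "$al_passwd" |
    while IFS=: read -r al_user al_uid al_home al_login al_state; do
        al_trust=
        for al_f in .ssh/authorized_keys .rhosts .rlogin; do
            if [ -e "$al_root$al_home/$al_f" ]; then
                al_trust="${al_trust:+$al_trust,}$al_f"
            fi
        done
        if [ -n "$al_trust" ] || { [ "$al_login" = yes ] && [ "$al_state" != LOCKED ]; }; then
            printf '%s uid=%s login-shell=%s password=%s trust-files=%s\n' \
                "$al_user" "$al_uid" "$al_login" "$al_state" "${al_trust:-none}"
        fi
    done
}

# Demo on constructed data in a temporary directory.
demo_audit() {
    da=$(mktemp -d) || return 1
    # passwd lines taken from the listing in the thread
    cat > "$da/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
pfemir:x:1000:1000:MP:/home/pfemir:/bin/bash
webuser:x:1003:1001::/home/webuser:/bin/sh
sshd:x:124:65534::/var/run/sshd:/usr/sbin/nologin
EOF
    # shadow lines are constructed; the hash strings are placeholders
    cat > "$da/shadow" <<'EOF'
root:$6$constructed$placeholder:17000:0:99999:7:::
daemon:*:17000:0:99999:7:::
www-data:*:17000:0:99999:7:::
pfemir:$6$constructed$placeholder:17000:0:99999:7:::
webuser:$6$constructed$placeholder:17000:0:99999:7:::
sshd:*:17000:0:99999:7:::
EOF
    # constructed finding: a key file in the home of a locked service account
    mkdir -p "$da/root/var/www/.ssh"
    : > "$da/root/var/www/.ssh/authorized_keys"
    audit_logins "$da/passwd" "$da/shadow" "$da/root"
    rm -rf "$da"
}

demo_audit
```

Accounts such as daemon, which have /bin/sh as shell but "*" in /etc/shadow, are not listed; a locked account shows up only when a trust file exists in its home directory.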
For next time I recommend backing up at least the configuration
And what should I understand by configuration? Because I'm an amateur, I set up everything I can through Webmin.
Typically the contents of /etc (it's not a bad idea to keep /etc under version control, because then it's easy to look up what you changed and why), the list of installed packages (if there are things you compiled yourself, then some form of build recipe, such as a source package) and, separately, the data (/srv, /home…).
Backing up the whole disk certainly makes sense for fast recovery, e.g. after a hardware failure, but in the case of a compromise I am in favour of a clean reinstall rather than trying to clean it up or restoring a pre-compromise version, which is full of holes anyway.
Even if you did find out how the person gets in, that doesn't mean they haven't left themselves some other back door
But if I don't find out and fix it, they'll get in again.
That's true.
so Webmin should be newer than 10 July and PHP newer than 10 August. otherwise they are vulnerable
On the other hand, quite a lot of those bugs are not simply remotely exploitable. In the asker's case I would rather guess a bug in some particular web application that he installed himself (unfortunately he hasn't told us yet what is running there). But of course it's not a bad idea to have a script that takes care of updating packages (whether cron-apt, unattended-updates, or something of your own)
From the CVE.
Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before 1.850 allow remote attackers to inject arbitrary web script
you insert a script there and then run it. If the asker doesn't have a database of file hashes and you name it something natural, he won't even notice that something is off there.
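The "database of file hashes" mentioned above, as an added example that is not part of the original thread: a sha256sum baseline of a directory tree and a comparison that reports added, modified and removed files. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: a minimal file-hash baseline, not a full integrity tool.
# Keep the baseline file somewhere the web server account cannot write,
# otherwise whoever changes the files can update the baseline as well.

# baseline_create DIR OUT
# Writes one "sha256  ./relative/path" line per regular file under DIR.
baseline_create() {
    ( cd "$1" && find . -type f -exec sha256sum {} + ) | LC_ALL=C sort -k 2 > "$2"
}

# baseline_compare BASE DIR
# Prints ADDED/MODIFIED/REMOVED lines; returns 0 if DIR matches BASE, 1 if not.
# Limitation: paths containing newlines or backslashes (which sha256sum
# prints in escaped form) are not handled.
baseline_compare() {
    bc_cur=$(mktemp) || return 2
    baseline_create "$2" "$bc_cur"
    bc_report=$(awk '
        { hash = substr($0, 1, 64); path = substr($0, 67) }   # "<64 hex>  <path>"
        side == "old" { old[path] = hash; next }
        { seen[path] = 1
          if (!(path in old))         print "ADDED " path
          else if (old[path] != hash) print "MODIFIED " path }
        END { for (path in old) if (!(path in seen)) print "REMOVED " path }
    ' side=old "$1" side=new "$bc_cur" | LC_ALL=C sort)
    rm -f "$bc_cur"
    if [ -z "$bc_report" ]; then
        return 0
    fi
    printf '%s\n' "$bc_report"
    return 1
}

# Demo on a constructed web root in a temporary directory.
demo_baseline() {
    dm_web=$(mktemp -d) || return 1
    dm_base=$(mktemp) || return 1
    mkdir -p "$dm_web/www/images"
    echo '<?php echo "home"; ?>' > "$dm_web/www/index.php"
    echo 'body { margin: 0 }'    > "$dm_web/www/style.css"
    baseline_create "$dm_web" "$dm_base"

    # constructed changes: an edited page and a new file with an ordinary name
    echo '<?php echo "home"; /* changed */ ?>' > "$dm_web/www/index.php"
    echo '<?php /* unexpected file */ ?>'      > "$dm_web/www/images/thumbs.php"

    if baseline_compare "$dm_base" "$dm_web"; then
        echo "tree matches baseline"
    else
        echo "differences found"
    fi
    rm -rf "$dm_web" "$dm_base"
}

demo_baseline
```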
If you're an amateur, have someone do it for you
I can't imagine that at all. I need to have control over it. Every now and then I rework something there, add something, etc.; I simply enjoy it. I would have to call that person 3 times a month and it still wouldn't be the way I want it. And I also like to learn something, so I don't consider those sleepless nights a loss. I've been tinkering with PCs since I was little and I program for a living. But it's a different kind of programming than this. I try to keep up with updates, but I don't have the very latest versions. I have Apache 2.4.6, Webmin 1.82, PHP 5.5.6-1, Joomla 3.2.3 Stable. I know there is, for example, PHP7 already, and I even tried it, but a lot of things stopped working for me, so I went back to version 5.
Server backup
I do have /etc and /home backed up. But, as I already wrote, the main problem is that to get everything running I had to install various libraries etc., following procedures I googled or that someone advised. And today I no longer know what all of it was. Besides, in a newer version the library may have a different name, or is no longer needed, or a completely different one is needed, and so on.
end-to-end encryption
What exactly is meant by this? To access mail or the photo gallery I log in over HTTPS; if I need to get into the internal network from outside (only I do that), I connect via VPN.
Thanks for the detailed description, I'll try to do something like that.
Otherwise I haven't installed any libraries from outside the repositories, nor have I compiled any.
Mint doesn't strike me as a good choice for a server
Isn't it simply a repainted Ubuntu, including their repositories? (the first googled link, for instance, confirms it)
I still think the problem is in some non-distribution web application that he hosts.
Probably yes, but if he puts anything there that prevents him from updating, someone will probably break into it.
I didn't look into it in that much detail. I just had the feeling that the information about LTS in Mint isn't all that clear, and if it's a server, he won't need much of what is specific to Mint. CentOS seems reasonable to me thanks to the length of support, because apart from updates he won't have to deal with anything until the end of the hardware's life.
I try to keep up with updates, but I don't have the very latest versions. I have Apache 2.4.6, Webmin 1.82, PHP 5.5.6-1, Joomla 3.2.3 Stable.
That doesn't matter; if they are repository versions from a supported distribution, security fixes are backported there.
It took me at least a year to get everything I wanted running there.
Virtualization is good for this. You install a clean system, put the old one into a container and let it keep running so your services stay available. Then you gradually migrate the individual services into clean containers. You give the various dubious PHP applications separate containers so they can't get where they shouldn't. In the end you get rid of the mess, you'll know what you have where, and you'll operate practically without downtime.
I don't have sufficient hardware for virtualization directly on the server. The way I do it is that I have a second external HDD on which I install a clean system, and when it's done, I swap the HDD in the server.
You give the various dubious PHP applications separate containers
How is this meant? I didn't understand that.
For each application you run a separate PHP-FPM (and possibly nginx too) in a separate container. On the host system you then set up a reverse proxy (a separate nginx without PHP) into that container (or you just point FastCGI at the PHP-FPM inside the container). In effect it will be as if the application were running on a separate server.
That's exactly what I'm worried about. Do you recommend some other approach, how would you handle it?
HOST: pfemir.cz
SCAN ID: 170824-1932.6655
STARTED: srp 24 2017 19:32:25 +0200
COMPLETED: srp 25 2017 09:18:15 +0200
ELAPSED: 49550s [find: 44s]

PATH: /home
TOTAL FILES: 185970
TOTAL HITS: 2
TOTAL CLEANED: 0

WARNING: Automatic quarantine is currently disabled, detected threats are still accessible to users!
To enable, set quarantine_hits=1 and/or to quarantine hits from this scan run:
/usr/local/sbin/maldet -q 170824-1932.6655

FILE HIT LIST:
{HEX}gzbase64.inject.unclassed.15 : /home/pfemir/maldetect-1.6.2/files/clean/gzbase64.inject.unclassed
{HEX}gzbase64.inject.unclassed.15 : /home/pfemir/maldetect-1.6.2/files/sigs/rfxn.yara
===============================================
Linux Malware Detect v1.6.2 < proj@rfxn.com >

and from that I didn't understand what it actually found and where. Lynis ran fairly quickly. If I understood correctly, it doesn't check files but the system settings. There are a few warnings in it, but I don't understand it much. Could someone please take a look at it?
maldet --report 170824-1932.6655
, if you want to see what it found
or do what it says, if you want it to put the files into quarantine, but I would rather do that by hand
judging by what it found, it could be this
lynis probably did not find anything interesting, it just complains that you did not run it via sudo
the only thing that seemed useful to me: PHP option expose_php is possibly turned on, which can reveal useful information for attackers. [PHP-2372]
https://cisofy.com/controls/PHP-2372/
for maldet you should run something like maldet --report 170824-1932.6655 if you want to see what it found
But what I posted here is exactly that report.
I will study that link.
[ Lynis 2.5.3 ]
################################################################################
Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under the terms of the GNU General Public License. See the LICENSE file for details about using this software.
2007-2017, CISOfy - https://cisofy.com/lynis/
Enterprise support available (compliance, plugins, interface and tools)
################################################################################

[+] Initializing program
------------------------------------
  - Detecting OS... [ DONE ]
  - Checking profiles... [ DONE ]
  - Detecting language and localization [ cs ]
    Notice: no language file found for 'cs' (tried: /usr/local/lynis/lynis/db/languages/cs)
---------------------------------------------------
Program version: 2.5.3
Operating system: Linux
Operating system name: Debian
Operating system version: jessie/sid
Kernel version: 3.12.1
Hardware platform: x86_64
Hostname: pfemir
---------------------------------------------------
Profiles: /usr/local/lynis/lynis/default.prf
Log file: /var/log/lynis.log
Report file: /var/log/lynis-report.dat
Report version: 1.0
Plugin directory: ./plugins
---------------------------------------------------
Auditor: [Not Specified]
Test category: all
Test group: all
---------------------------------------------------
  - Program update status... [ NO UPDATE ]

[+] System Tools
------------------------------------
  - Scanning available tools...
  - Checking system binaries...

[+] Plugins (phase 1)
------------------------------------
Note: plugins have more extensive tests and may take several minutes to complete
  - Plugins enabled [ NONE ]

[+] Boot and services
------------------------------------
  - Service Manager [ SysV Init ]
  - Checking UEFI boot [ DISABLED ]
  - Checking presence GRUB2 [ FOUND ]
  - Checking for password protection [ WARNING ]
  - Check services at startup (rc2.d) [ DONE ]
    Result: found 54 services
  - Check startup files (permissions) [ OK ]

[+] Kernel
------------------------------------
  - Checking default run level [ 2 ]
  - Checking CPU support (NX/PAE)
    CPU support: PAE and/or NoeXecute supported [ FOUND ]
  - Checking kernel version and release [ DONE ]
  - Checking kernel type [ DONE ]
  - Checking loaded kernel modules [ DONE ]
    Found 59 active modules
  - Checking Linux kernel configuration file [ FOUND ]
  - Checking default I/O kernel scheduler [ FOUND ]
  - Checking for available kernel update [ OK ]
  - Checking core dumps configuration [ DISABLED ]
  - Checking setuid core dumps configuration [ DEFAULT ]
  - Check if reboot is needed [ NO ]

[+] Memory and Processes
------------------------------------
  - Checking /proc/meminfo [ FOUND ]
  - Searching for dead/zombie processes [ OK ]
  - Searching for IO waiting processes [ OK ]

[+] Users, Groups and Authentication
------------------------------------
  - Administrator accounts [ OK ]
  - Unique UIDs [ OK ]
  - Consistency of group files (grpck) [ OK ]
  - Unique group IDs [ OK ]
  - Unique group names [ OK ]
  - Password file consistency [ OK ]
  - Query system users (non daemons) [ DONE ]
  - NIS+ authentication support [ NOT ENABLED ]
  - NIS authentication support [ NOT ENABLED ]
  - sudoers file [ FOUND ]
  - Check sudoers file permissions [ OK ]
  - PAM password strength tools [ SUGGESTION ]
  - PAM configuration files (pam.conf) [ FOUND ]
  - PAM configuration files (pam.d) [ FOUND ]
  - PAM modules [ FOUND ]
  - LDAP module in PAM [ NOT FOUND ]
  - Accounts without expire date [ OK ]
  - Accounts without password [ OK ]
  - Checking user password aging (minimum) [ DISABLED ]
  - User password aging (maximum) [ DISABLED ]
  - Checking expired passwords [ OK ]
  - Checking Linux single user mode authentication [ OK ]
  - Determining default umask
  - umask (/etc/profile) [ NOT FOUND ]
  - umask (/etc/login.defs) [ SUGGESTION ]
  - umask (/etc/init.d/rc) [ SUGGESTION ]
  - LDAP authentication support [ NOT ENABLED ]
  - Logging failed login attempts [ ENABLED ]

[+] Shells
------------------------------------
  - Checking shells from /etc/shells
    Result: found 13 shells (valid shells: 7).
  - Session timeout settings/tools [ NONE ]
  - Checking default umask values
  - Checking default umask in /etc/bash.bashrc [ NONE ]
  - Checking default umask in /etc/profile [ NONE ]

[+] File systems
------------------------------------
  - Checking mount points
  - Checking /home mount point [ SUGGESTION ]
  - Checking /tmp mount point [ SUGGESTION ]
  - Checking /var mount point [ SUGGESTION ]
  - Query swap partitions (fstab) [ OK ]
  - Testing swap partitions [ OK ]
  - Testing /proc mount (hidepid) [ SUGGESTION ]
  - Checking for old files in /tmp [ OK ]
  - Checking /tmp sticky bit [ OK ]
  - ACL support root file system [ ENABLED ]
  - Mount options of / [ NON DEFAULT ]
  - Checking Locate database [ FOUND ]
  - Disable kernel support of some filesystems
  - Discovered kernel modules: cramfs freevxfs hfs hfsplus jffs2 squashfs udf

[+] Storage
------------------------------------
  - Checking usb-storage driver (modprobe config) [ NOT DISABLED ]
  - Checking USB devices authorization [ ENABLED ]
  - Checking firewire ohci driver (modprobe config) [ NOT DISABLED ]

[+] NFS
------------------------------------
  - Query rpc registered programs [ DONE ]
  - Query NFS versions [ DONE ]
  - Query NFS protocols [ DONE ]
  - Check running NFS daemon [ FOUND ]
  - Checking /etc/exports [ FOUND ]
  - Checking NFS client access [ OK ]

[+] Name services
------------------------------------
  - Checking default DNS search domain [ FOUND ]
  - Searching DNS domain name [ FOUND ]
    Domain name: cz
  - Checking nscd status [ RUNNING ]
  - Checking /etc/hosts
  - Checking /etc/hosts (duplicates) [ OK ]
  - Checking /etc/hosts (hostname) [ OK ]
  - Checking /etc/hosts (localhost) [ SUGGESTION ]
  - Checking /etc/hosts (localhost to IP) [ OK ]

[+] Ports and packages
------------------------------------
  - Searching package managers
  - Searching dpkg package manager [ FOUND ]
  - Querying package manager
  - Query unpurged packages [ FOUND ]
  - Checking security repository in sources.list file or directory [ WARNING ]
  - Checking vulnerable packages (apt-get only) [ DONE ]
  - Checking package audit tool [ INSTALLED ]
    Found: apt-get

[+] Networking
------------------------------------
  - Checking IPv6 configuration [ ENABLED ]
    Configuration method [ AUTO ]
    IPv6 only [ NO ]
  - Checking configured nameservers
  - Testing nameservers
    Nameserver: 77.242.95.2 [ OK ]
    Nameserver: 192.168.1.1 [ OK ]
  - Minimal of 2 responsive nameservers [ OK ]
  - Checking default gateway [ DONE ]
  - Getting listening ports (TCP/UDP) [ DONE ]
    * Found 80 ports
  - Checking promiscuous interfaces [ OK ]
  - Checking waiting connections [ OK ]
  - Checking status DHCP client [ NOT ACTIVE ]
  - Checking for ARP monitoring software [ NOT FOUND ]

[+] Printers and Spools
------------------------------------
  - Checking cups daemon [ RUNNING ]
  - Checking CUPS configuration file [ OK ]
  - File permissions [ OK ]
  - Checking CUPS addresses/sockets [ FOUND ]
  - Checking lp daemon [ NOT RUNNING ]

[+] Software: e-mail and messaging
------------------------------------
  - Postfix status [ RUNNING ]
  - Postfix configuration [ FOUND ]
  - Postfix configuration errors [ WARNING ]
  - Postfix banner [ WARNING ]
  - Dovecot status [ RUNNING ]

[+] Software: firewalls
------------------------------------
  - Checking iptables kernel module [ FOUND ]
  - Checking iptables policies of chains [ FOUND ]
  - Checking chain INPUT (table: filter) policy [ ACCEPT ]
  - Checking for empty ruleset [ WARNING ]
  - Checking for unused rules [ OK ]
  - Checking host based firewall [ ACTIVE ]

[+] Software: webserver
------------------------------------
  - Checking Apache (binary /usr/sbin/apache2) [ FOUND ]
    Info: Found 6 virtual hosts
    * Loadable modules [ FOUND (107) ]
  - Found 107 loadable modules
    mod_evasive: anti-DoS/brute force [ NOT FOUND ]
    mod_reqtimeout/mod_qos [ FOUND ]
    ModSecurity: web application firewall [ NOT FOUND ]
  - Checking nginx [ NOT FOUND ]

[+] SSH Support
------------------------------------
  - Checking running SSH daemon [ FOUND ]
  - Searching SSH configuration [ FOUND ]
  - SSH option: AllowTcpForwarding [ SUGGESTION ]
  - SSH option: ClientAliveCountMax [ SUGGESTION ]
  - SSH option: ClientAliveInterval [ OK ]
  - SSH option: Compression [ SUGGESTION ]
  - SSH option: FingerprintHash [ NOT FOUND ]
  - SSH option: GatewayPorts [ OK ]
  - SSH option: IgnoreRhosts [ OK ]
  - SSH option: LoginGraceTime [ OK ]
  - SSH option: LogLevel [ SUGGESTION ]
  - SSH option: MaxAuthTries [ SUGGESTION ]
  - SSH option: MaxSessions [ SUGGESTION ]
  - SSH option: PermitRootLogin [ SUGGESTION ]
  - SSH option: PermitUserEnvironment [ OK ]
  - SSH option: PermitTunnel [ OK ]
  - SSH option: Port [ SUGGESTION ]
  - SSH option: PrintLastLog [ OK ]
  - SSH option: Protocol [ OK ]
  - SSH option: StrictModes [ OK ]
  - SSH option: TCPKeepAlive [ SUGGESTION ]
  - SSH option: UseDNS [ SUGGESTION ]
  - SSH option: VerifyReverseMapping [ NOT FOUND ]
  - SSH option: X11Forwarding [ SUGGESTION ]
  - SSH option: AllowAgentForwarding [ NOT FOUND ]
  - SSH option: AllowUsers [ NOT FOUND ]
  - SSH option: AllowGroups [ NOT FOUND ]

[+] SNMP Support
------------------------------------
  - Checking running SNMP daemon [ NOT FOUND ]

[+] Databases
------------------------------------
  - MySQL process status [ FOUND ]

[+] LDAP Services
------------------------------------
  - Checking OpenLDAP instance [ NOT FOUND ]

[+] PHP
------------------------------------
  - Checking PHP [ FOUND ]
  - Checking PHP disabled functions [ FOUND ]
  - Checking expose_php option [ ON ]
  - Checking enable_dl option [ OFF ]
  - Checking allow_url_fopen option [ ON ]
  - Checking allow_url_include option [ OFF ]
  - Checking PHP suhosin extension status [ WARNING ]
  - Suhosin simulation mode status [ WARNING ]

[+] Squid Support
------------------------------------
  - Checking running Squid daemon [ FOUND ]
  - Searching Squid configuration [ FOUND ]
  - Checking Squid version [ FOUND ]
  - Checking defined Squid options [ DONE ]
  - Checking Squid configuration file permissions [ OK ]
  - Checking Squid access control
  - Checking Squid authentication methods [ FOUND ]
  - Checking Squid external authentication methods [ NONE ]
  - Checking Access Control Lists [ 29 ACLs FOUND ]
  - Checking ACL 'Safe_ports' ports [ FOUND ]
  - Checking ACL 'Safe_ports' (port 22) [ NOT FOUND ]
  - Checking ACL 'Safe_ports' (port 23) [ NOT FOUND ]
  - Checking ACL 'Safe_ports' (port 25) [ NOT FOUND ]
  - Checking Squid Denial of Service tuning options
  - Checking option: reply_body_max_size [ NONE ]
  - Checking Squid general options
  - Checking option: httpd_suppress_version_string [ NOT FOUND ]

[+] Logging and files
------------------------------------
  - Checking for a running log daemon [ OK ]
  - Checking Syslog-NG status [ NOT FOUND ]
  - Checking systemd journal status [ NOT FOUND ]
  - Checking Metalog status [ NOT FOUND ]
  - Checking RSyslog status [ FOUND ]
  - Checking RFC 3195 daemon status [ NOT FOUND ]
  - Checking minilogd instances [ NOT FOUND ]
  - Checking logrotate presence [ OK ]
  - Checking log directories (static list) [ DONE ]
  - Checking open log files [ DONE ]
  - Checking deleted files in use [ FILES FOUND ]

[+] Insecure services
------------------------------------
  - Checking inetd status [ NOT ACTIVE ]

[+] Banners and identification
------------------------------------
  - /etc/issue [ FOUND ]
  - /etc/issue contents [ WEAK ]
  - /etc/issue.net [ FOUND ]
  - /etc/issue.net contents [ WEAK ]

[+] Scheduled tasks
------------------------------------
  - Checking crontab/cronjob [ DONE ]
  - Checking atd status [ RUNNING ]
  - Checking at users [ DONE ]
  - Checking at jobs [ NONE ]

[+] Accounting
------------------------------------
  - Checking accounting information [ NOT FOUND ]
  - Checking sysstat accounting data [ NOT FOUND ]
  - Checking auditd [ NOT FOUND ]

[+] Time and Synchronization
------------------------------------
  - NTP daemon found: ntpd [ FOUND ]
  - Checking event based ntpdate (if-up) [ FOUND ]
  - Checking for a running NTP daemon or client [ OK ]
  - Checking valid association ID's [ FOUND ]
  - Checking high stratum ntp peers [ OK ]
  - Checking unreliable ntp peers [ FOUND ]
  - Checking selected time source [ OK ]
  - Checking time source candidates [ OK ]
  - Checking falsetickers [ OK ]
  - Checking NTP version [ FOUND ]

[+] Cryptography
------------------------------------
  - Checking for expired SSL certificates [ FOUND ]

[+] Virtualization
------------------------------------

[+] Containers
------------------------------------

[+] Security frameworks
------------------------------------
  - Checking presence AppArmor [ NOT FOUND ]
  - Checking presence SELinux [ NOT FOUND ]
  - Checking presence grsecurity [ NOT FOUND ]
  - Checking for implemented MAC framework [ NONE ]

[+] Software: file integrity
------------------------------------
  - Checking file integrity tools
  - Checking presence integrity tool [ NOT FOUND ]

[+] Software: System tooling
------------------------------------
  - Checking automation tooling
  - Ansible artifact [ FOUND ]
  - Automation tooling [ FOUND ]
  - Checking presence of Fail2ban [ FOUND ]
  - Checking Fail2ban jails [ ENABLED ]
  - Checking for IDS/IPS tooling [ FOUND ]

[+] Software: Malware
------------------------------------
  - Checking LMD (Linux Malware Detect) [ FOUND ]

[+] File Permissions
------------------------------------
  - Starting file permissions check

[+] Home directories
------------------------------------
  - Checking shell history files [ OK ]

[+] Kernel Hardening
------------------------------------
  - Comparing sysctl key pairs with scan profile
  - fs.protected_hardlinks (exp: 1) [ DIFFERENT ]
  - fs.protected_symlinks (exp: 1) [ DIFFERENT ]
  - fs.suid_dumpable (exp: 0) [ OK ]
  - kernel.core_uses_pid (exp: 1) [ DIFFERENT ]
  - kernel.ctrl-alt-del (exp: 0) [ OK ]
  - kernel.dmesg_restrict (exp: 1) [ DIFFERENT ]
  - kernel.kptr_restrict (exp: 2) [ DIFFERENT ]
  - kernel.randomize_va_space (exp: 2) [ OK ]
  - kernel.sysrq (exp: 0) [ DIFFERENT ]
  - net.ipv4.conf.all.accept_redirects (exp: 0) [ DIFFERENT ]
  - net.ipv4.conf.all.accept_source_route (exp: 0) [ OK ]
  - net.ipv4.conf.all.bootp_relay (exp: 0) [ OK ]
  - net.ipv4.conf.all.forwarding (exp: 0) [ OK ]
  - net.ipv4.conf.all.log_martians (exp: 1) [ DIFFERENT ]
  - net.ipv4.conf.all.mc_forwarding (exp: 0) [ OK ]
  - net.ipv4.conf.all.proxy_arp (exp: 0) [ OK ]
  - net.ipv4.conf.all.rp_filter (exp: 1) [ DIFFERENT ]
  - net.ipv4.conf.all.send_redirects (exp: 0) [ DIFFERENT ]
  - net.ipv4.conf.default.accept_redirects (exp: 0) [ DIFFERENT ]
  - net.ipv4.conf.default.accept_source_route (exp: 0) [ DIFFERENT ]
  - net.ipv4.conf.default.log_martians (exp: 1) [ DIFFERENT ]
  - net.ipv4.icmp_echo_ignore_broadcasts (exp: 1) [ OK ]
  - net.ipv4.icmp_ignore_bogus_error_responses (exp: 1) [ OK ]
  - net.ipv4.tcp_syncookies (exp: 1) [ OK ]
  - net.ipv4.tcp_timestamps (exp: 0) [ DIFFERENT ]
  - net.ipv6.conf.all.accept_redirects (exp: 0) [ DIFFERENT ]
  - net.ipv6.conf.all.accept_source_route (exp: 0) [ OK ]
  - net.ipv6.conf.default.accept_redirects (exp: 0) [ DIFFERENT ]
  - net.ipv6.conf.default.accept_source_route (exp: 0) [ OK ]

[+] Hardening
------------------------------------
  - Installed compiler(s) [ FOUND ]
  - Installed malware scanner [ FOUND ]

[+] Custom Tests
------------------------------------
  - Running custom tests... [ NONE ]

[+] Plugins (phase 2)
------------------------------------

================================================================================
-[ Lynis 2.5.3 Results ]-

Warnings (4):
----------------------------
  ! Can't find any security repository in /etc/apt/sources.list or sources.list.d directory [PKGS-7388]
    https://cisofy.com/controls/PKGS-7388/
  ! Found some information disclosure in SMTP banner (OS or software name) [MAIL-8818]
    https://cisofy.com/controls/MAIL-8818/
  ! iptables module(s) loaded, but no rules active [FIRE-4512]
    https://cisofy.com/controls/FIRE-4512/
  ! PHP option expose_php is possibly turned on, which can reveal useful information for attackers. [PHP-2372]
    https://cisofy.com/controls/PHP-2372/

Suggestions (47):
----------------------------
  * Set a password on GRUB bootloader to prevent altering boot configuration (e.g. boot in single user mode without password) [BOOT-5122]
    https://cisofy.com/controls/BOOT-5122/
  * Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc [AUTH-9262]
    https://cisofy.com/controls/AUTH-9262/
  * Configure minimum password age in /etc/login.defs [AUTH-9286]
    https://cisofy.com/controls/AUTH-9286/
  * Configure maximum password age in /etc/login.defs [AUTH-9286]
    https://cisofy.com/controls/AUTH-9286/
  * Default umask in /etc/login.defs could be more strict like 027 [AUTH-9328]
    https://cisofy.com/controls/AUTH-9328/
  * Default umask in /etc/init.d/rc could be more strict like 027 [AUTH-9328]
    https://cisofy.com/controls/AUTH-9328/
  * To decrease the impact of a full /home file system, place /home on a separated partition [FILE-6310]
    https://cisofy.com/controls/FILE-6310/
  * To decrease the impact of a full /tmp file system, place /tmp on a separated partition [FILE-6310]
    https://cisofy.com/controls/FILE-6310/
  * To decrease the impact of a full /var file system, place /var on a separated partition [FILE-6310]
    https://cisofy.com/controls/FILE-6310/
  * Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft [STRG-1840]
    https://cisofy.com/controls/STRG-1840/
  * Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft [STRG-1846]
    https://cisofy.com/controls/STRG-1846/
  * Split resolving between localhost and the hostname of the system [NAME-4406]
    https://cisofy.com/controls/NAME-4406/
  * Purge old/removed packages (3 found) with aptitude purge or dpkg --purge command. This will cleanup old configuration files, cron jobs and startup scripts. [PKGS-7346]
    https://cisofy.com/controls/PKGS-7346/
  * Install debsums utility for the verification of packages with known good database. [PKGS-7370]
    https://cisofy.com/controls/PKGS-7370/
  * Consider running ARP monitoring software (arpwatch,arpon) [NETW-3032]
    https://cisofy.com/controls/NETW-3032/
  * Found a configuration error in Postfix [MAIL-8817]
    - Details : /etc/postfix/main.cf
    - Solution : run postconf > /dev/null
    https://cisofy.com/controls/MAIL-8817/
  * You are advised to hide the mail_name (option: smtpd_banner) from your postfix configuration. Use postconf -e or change your main.cf file (/etc/postfix/main.cf) [MAIL-8818]
    https://cisofy.com/controls/MAIL-8818/
  * Install Apache mod_evasive to guard webserver against DoS/brute force attempts [HTTP-6640]
    https://cisofy.com/controls/HTTP-6640/
  * Install Apache modsecurity to guard webserver against web application attacks [HTTP-6643]
    https://cisofy.com/controls/HTTP-6643/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : AllowTcpForwarding (YES --> NO)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : ClientAliveCountMax (3 --> 2)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : Compression (DELAYED --> NO)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : LogLevel (INFO --> VERBOSE)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : MaxAuthTries (6 --> 2)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : MaxSessions (10 --> 2)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : PermitRootLogin (YES --> NO)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : Port (22 --> )
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : TCPKeepAlive (YES --> NO)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : UseDNS (YES --> NO)
    https://cisofy.com/controls/SSH-7408/
  * Consider hardening SSH configuration [SSH-7408]
    - Details : X11Forwarding (YES --> NO)
    https://cisofy.com/controls/SSH-7408/
  * Change the expose_php line to: expose_php = Off [PHP-2372]
    https://cisofy.com/controls/PHP-2372/
  * Change the allow_url_fopen line to: allow_url_fopen = Off, to disable downloads via PHP [PHP-2376]
    https://cisofy.com/controls/PHP-2376/
  * Harden PHP by enabling suhosin extension [PHP-2379]
    https://cisofy.com/controls/PHP-2379/
  * Harden PHP by deactivating suhosin simulation mode [PHP-2379]
    https://cisofy.com/controls/PHP-2379/
  * Configure Squid option reply_body_max_size to limit the upper size of requests. [SQD-3630]
    https://cisofy.com/controls/SQD-3630/
  * Configure Squid option httpd_suppress_version_string (on) to suppress the version. [SQD-3680]
    https://cisofy.com/controls/SQD-3680/
  * Check what deleted files are still in use and why. [LOGG-2190]
    https://cisofy.com/controls/LOGG-2190/
  * Add a legal banner to /etc/issue, to warn unauthorized users [BANN-7126]
    https://cisofy.com/controls/BANN-7126/
  * Add legal banner to /etc/issue.net, to warn unauthorized users [BANN-7130]
    https://cisofy.com/controls/BANN-7130/
  * Enable process accounting [ACCT-9622]
    https://cisofy.com/controls/ACCT-9622/
  * Enable sysstat to collect accounting (no results) [ACCT-9626]
    https://cisofy.com/controls/ACCT-9626/
  * Enable auditd to collect audit information [ACCT-9628]
    https://cisofy.com/controls/ACCT-9628/
  * Check ntpq peers output for unreliable ntp peers and correct/replace them [TIME-3120]
    https://cisofy.com/controls/TIME-3120/
  * Check available certificates for expiration [CRYP-7902]
    https://cisofy.com/controls/CRYP-7902/
  * Install a file integrity tool to monitor changes to critical and sensitive files [FINT-4350]
    https://cisofy.com/controls/FINT-4350/
  * One or more sysctl values differ from the scan profile and could be tweaked [KRNL-6000]
    https://cisofy.com/controls/KRNL-6000/
  * Harden compilers like restricting access to root user only [HRDN-7222]
    https://cisofy.com/controls/HRDN-7222/

Follow-up:
----------------------------
  - Show details of a test (lynis show details TEST-ID)
  - Check the logfile for all details (less /var/log/lynis.log)
  - Read security controls texts (https://cisofy.com)
  - Use --upload to upload data to central system (Lynis Enterprise users)

================================================================================
Lynis security scan details:
  Hardening index : 64 [############ ]
  Tests performed : 247
  Plugins enabled : 0
Components:
  - Firewall [V]
  - Malware scanner [V]
Lynis Modules:
  - Compliance Status [?]
  - Security Audit [V]
  - Vulnerability Scan [V]
Files:
  - Test and debug information : /var/log/lynis.log
  - Report data : /var/log/lynis-report.dat
================================================================================
Lynis 2.5.3
Auditing, system hardening, and compliance for UNIX-based systems (Linux, macOS, BSD, and others)
2007-2017, CISOfy - https://cisofy.com/lynis/
Enterprise support available (compliance, plugins, interface and tools)
================================================================================
sudo lsof /tmp | grep deleted
Can't find any security repository in /etc/apt/sources.list
I don't understand that; I do have a sources.list there and it is essentially identical to the original one
it is probably behind another firewall or NAT, isn't it
I have it behind a Wi-Fi router running DD-WRT, and the SPI Firewall is enabled there
Change the expose_php line to: expose_php = Off
done
Change the allow_url_fopen line to: allow_url_fopen = Off
done
Harden PHP by enabling suhosin extension
I did not find php5-suhoshi in the repository
Install Apache mod_evasive
done
Install Apache modsecurity
That is a bit more complicated, I will look at it later
I removed squid
Check what deleted files are still in use and why.
sudo lsof /tmp | grep deleted
this printed nothing. When I ran sudo lsof / | grep deleted
it spat out
apache2 3733 root 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
mysqld 4644 mysql 4u REG 8,2 0 1958 /tmp/ibyOnNtL (deleted)
mysqld 4644 mysql 5u REG 8,2 0 2622 /tmp/ibg2RY83 (deleted)
mysqld 4644 mysql 6u REG 8,2 0 2733 /tmp/ibq0GaOm (deleted)
mysqld 4644 mysql 7u REG 8,2 0 4236 /tmp/ibsopIbY (deleted)
mysqld 4644 mysql 11u REG 8,2 0 2909 /tmp/ibUTBX8j (deleted)
caja 6111 pfemir 25r REG 8,2 59948 210265 /home/pfemir/.local/share/gvfs-metadata/root (deleted)
caja 6111 pfemir 26r REG 8,2 32768 221148 /home/pfemir/.local/share/gvfs-metadata/root-04f3fef4.log (deleted)
mate-term 10129 pfemir 15u REG 8,2 9216 4172 /tmp/vteJCDN5Y (deleted)
mate-term 10129 pfemir 16u REG 8,2 34668 4359 /tmp/vte76CN5Y (deleted)
mate-term 10129 pfemir 17u REG 8,2 4576 4361 /tmp/vte9EAN5Y (deleted)
firefox 12593 pfemir 50u REG 8,2 32768 14710 /var/tmp/etilqs_pEcdkVUf1DRruLt (deleted)
firefox 12593 pfemir 51u REG 8,2 512 14400 /var/tmp/etilqs_X9NRd2LnAzzyeAY (deleted)
apache2 17035 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17036 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17037 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17038 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17039 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17085 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17090 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17093 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17096 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17099 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
deb http://security.ubuntu.com/ubuntu/ trusty-security main restricted universe multiverse
maybe lynis simply does not recognise it or something
otherwise fine, the open files look normal
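The `lsof / | grep deleted` check from the posts above, as an added example that is not part of the thread: it groups deleted-but-open files by process and path so that repeated worker entries collapse into one row, and lists a deleted program text (`txt`) entry before scratch files. The class names, the scratch-directory list and the `sample-proc` line are assumptions made for this example; the other sample lines are taken from the output posted above.

```python
import re
from collections import defaultdict

# Default lsof columns: COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
LINE = re.compile(
    r"^(?P<command>\S+)\s+(?P<pid>\d+)\s+(?P<user>\S+)\s+(?P<fd>\S+)\s+"
    r"(?P<type>\S+)\s+(?P<device>\S+)\s+(?P<size>\S+)\s+(?P<node>\d+)\s+"
    r"(?P<path>/.*?)\s+\(deleted\)\s*$"
)

# Assumption for this example: directories where short-lived scratch files
# (unlinked right after creation) are normal.
SCRATCH_DIRS = ("/tmp/", "/var/tmp/")

# Review order: deleted program text first, scratch files last.
RANK = {"program-text": 0, "other": 1, "scratch": 2}


def classify(fd, path):
    """Put one deleted-but-open file into a review class (names are ours)."""
    if fd == "txt":
        # lsof uses FD "txt" for the program text of the running process;
        # here the binary on disk was removed or replaced after start
        # (a package upgrade does this too, so it means "look", not "alarm").
        return "program-text"
    if path.startswith(SCRATCH_DIRS):
        return "scratch"
    return "other"


def triage(lsof_output):
    """Group deleted-but-open files by (class, command, path)."""
    groups = defaultdict(set)
    for line in lsof_output.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # header, blank line, or a file that is not deleted
        cls = classify(m["fd"], m["path"])
        groups[(cls, m["command"], m["path"])].add(int(m["pid"]))
    rows = [
        {"class": cls, "command": cmd, "path": path, "pids": sorted(pids)}
        for (cls, cmd, path), pids in groups.items()
    ]
    rows.sort(key=lambda r: (RANK[r["class"]], r["command"], r["path"]))
    return rows


# Sample input: lsof header, lines from the thread, and one constructed
# line (sample-proc) showing a deleted program text entry.
SAMPLE = """\
COMMAND     PID     USER   FD   TYPE DEVICE SIZE/OFF   NODE NAME
apache2 3733 root 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
mysqld 4644 mysql 4u REG 8,2 0 1958 /tmp/ibyOnNtL (deleted)
caja 6111 pfemir 25r REG 8,2 59948 210265 /home/pfemir/.local/share/gvfs-metadata/root (deleted)
firefox 12593 pfemir 50u REG 8,2 32768 14710 /var/tmp/etilqs_pEcdkVUf1DRruLt (deleted)
apache2 17035 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
apache2 17036 www-data 22u REG 8,2 0 4166 /tmp/.ZendSem.2aBCC1 (deleted)
sample-proc 4242 www-data txt REG 8,2 184320 5120 /var/tmp/sample-proc (deleted)
"""

if __name__ == "__main__":
    for row in triage(SAMPLE):
        pids = ",".join(str(p) for p in row["pids"])
        print(f'{row["class"]:<13} {row["command"]:<12} {row["path"]}  pids={pids}')
```

On a live system the input would be the output of `sudo lsof /`, passed to `triage()` as a string.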
Joomla is not installed from a repository; you download it from the web and unpack it into the web server.
I did not find access.log. I found /var/log/auth.log, but there are quite a lot of entries in it. If that process ever starts again (so far it has been quiet for the third day), I will try to focus on it.
drush
, which checks and updates the package and all plugins (but I have no idea whether Joomla has something similar).
Joomla is not installed from a repository; you download it from the web and unpack it into the web server.
So that means that if it is old, it is simply old (and most likely full of holes). And 3.2.3 looks truly historical, and there are lots of bugs in it with scary-sounding descriptions (I do not feel like investigating whether they are exploitable in practice).
I did not find access.log
It is in /var/log/apache2/
core.mcrawl.cz - - [25/Aug/2017:00:20:15 +0200] "GET / HTTP/1.1" 200 30527 core.mcrawl.cz - - [25/Aug/2017:00:23:34 +0200] "GET / HTTP/1.1" 200 30527 triton285.dedicatedpanel.com - - [25/Aug/2017:00:50:07 +0200] "GET /new/administrator/index.php HTTP/1.1" 404 850 46.229.164.100 - - [25/Aug/2017:01:44:35 +0200] "GET /robots.txt HTTP/1.1" 404 850 svyaznoy.krsn.ru - - [25/Aug/2017:01:48:59 +0200] "GET / HTTP/1.0" 200 18021 svyaznoy.krsn.ru - - [25/Aug/2017:01:49:00 +0200] "GET / HTTP/1.0" 200 18021 svyaznoy.krsn.ru - - [25/Aug/2017:01:49:00 +0200] "GET / HTTP/1.0" 200 18021 svyaznoy.krsn.ru - - [25/Aug/2017:01:49:01 +0200] "GET / HTTP/1.1" 400 0 svyaznoy.krsn.ru - - [25/Aug/2017:01:49:11 +0200] "GET / HTTP/1.0" 200 18021 svyaznoy.krsn.ru - - [25/Aug/2017:01:49:32 +0200] "GET / HTTP/1.0" 200 18021 svyaznoy.krsn.ru - - [25/Aug/2017:01:49:32 +0200] "GET / HTTP/1.1" 200 18291 svyaznoy.krsn.ru - - [25/Aug/2017:01:49:33 +0200] "HEAD /manager/html HTTP/1.0" 404 254 core.mcrawl.cz - - [25/Aug/2017:02:14:38 +0200] "GET / HTTP/1.1" 200 18312 core.mcrawl.cz - - [25/Aug/2017:02:37:43 +0200] "GET / HTTP/1.1" 200 18311 80.82.70.231 - - [25/Aug/2017:03:36:42 +0200] "GET /muieblackcat HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:42 +0200] "GET //setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:42 +0200] "GET //scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:43 +0200] "GET //admin/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:43 +0200] "GET //admin/pma/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:43 +0200] "GET //db/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:43 +0200] "GET //myadmin/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:43 +0200] "GET //phpadmin/scripts/setup.php HTTP/1.1" 404 403 80.82.70.231 - - [25/Aug/2017:03:36:44 +0200] "GET //pma/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:44 +0200] "GET 
//web/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:44 +0200] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:44 +0200] "GET //admin/mysql/ HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:44 +0200] "GET //admin/phpmyadmin/ HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:45 +0200] "GET //admin/pma/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:45 +0200] "GET //admin/sql/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:45 +0200] "GET //php/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:45 +0200] "GET //php/phpmyadmin/scripts/setup.php HTTP/1.1" 404 850 80.82.70.231 - - [25/Aug/2017:03:36:45 +0200] "GET //phpmyadmin2/scripts/setup.php HTTP/1.1" 404 850 msnbot-40-77-167-30.search.msn.com - - [25/Aug/2017:04:12:57 +0200] "GET /server_monitor/munin-year.html HTTP/1.1" 200 1573 core.mcrawl.cz - - [25/Aug/2017:04:35:58 +0200] "GET / HTTP/1.1" 200 18311 crawl-66-249-65-97.googlebot.com - - [25/Aug/2017:04:39:29 +0200] "GET /robots.txt HTTP/1.1" 404 887 crawl-66-249-65-100.googlebot.com - - [25/Aug/2017:04:39:30 +0200] "GET /index.php?option=com_content&view=article&id=70%3Akomunikace-plc-automatu-a-ekvitermniho-regulatoru&catid=78%3Anews&Itemid=544 HTTP/1.1" 200 3957 60.191.38.77 - - [25/Aug/2017:04:50:08 +0200] "GET / HTTP/1.1" 200 18405 crawl-66-249-65-100.googlebot.com - - [25/Aug/2017:04:50:46 +0200] "GET /index.php?option=com_content&view=article&id=35&catid=77&Itemid=435 HTTP/1.1" 200 3964 core.mcrawl.cz - - [25/Aug/2017:05:04:57 +0200] "GET / HTTP/1.1" 200 18311 core.mcrawl.cz - - [25/Aug/2017:06:25:01 +0200] "GET / HTTP/1.1" 200 30527 82.208.140.163 - - [25/Aug/2017:06:31:09 +0200] "GET /administrator/index.php HTTP/1.1" 303 332 core.mcrawl.cz - - [25/Aug/2017:06:47:08 +0200] "GET / HTTP/1.1" 200 18311 139.159.236.178 - - [25/Aug/2017:07:04:28 +0200] "GET /manager/html HTTP/1.1" 404 831 dedal.galati.astral.ro - - 
[25/Aug/2017:07:41:17 +0200] "GET / HTTP/1.1" 200 4688 dedal.galati.astral.ro - - [25/Aug/2017:07:41:18 +0200] "GET / HTTP/1.1" 200 4988 192.168.1.210 - - [25/Aug/2017:08:41:47 +0200] "GET /admin HTTP/1.1" 404 887 192.168.1.210 - - [25/Aug/2017:08:41:47 +0200] "GET /favicon.ico HTTP/1.1" 404 886 192.168.1.210 - - [25/Aug/2017:08:41:47 +0200] "GET /favicon.ico HTTP/1.1" 404 886 192.168.1.210 - - [25/Aug/2017:08:41:54 +0200] "GET /administrator HTTP/1.1" 301 512 192.168.1.210 - - [25/Aug/2017:08:41:54 +0200] "GET /administrator/ HTTP/1.1" 303 381 core.mcrawl.cz - - [25/Aug/2017:08:45:58 +0200] "GET / HTTP/1.1" 200 18311 core.mcrawl.cz - - [25/Aug/2017:08:50:22 +0200] "GET / HTTP/1.1" 200 18311 triton285.dedicatedpanel.com - - [25/Aug/2017:09:24:03 +0200] "GET /site/administrator/index.php HTTP/1.1" 404 850 93-91-51-172.inet4.cz - - [25/Aug/2017:09:27:42 +0200] "GET /wp-admin/upgrade.php HTTP/1.1" 404 887 crawl-66-249-65-97.googlebot.com - - [25/Aug/2017:09:34:27 +0200] "GET /index.php?option=com_content&view=article&id=76:rozsireni-monitorovani-1&catid=78:news&Itemid=544 HTTP/1.1" 200 3915 email.seznam.cz - - [25/Aug/2017:10:03:48 +0200] "GET / HTTP/1.0" 200 4707 core.mcrawl.cz - - [25/Aug/2017:10:43:47 +0200] "GET / HTTP/1.1" 200 18311 msnbot-40-77-167-123.search.msn.com - - [25/Aug/2017:10:45:03 +0200] "GET / HTTP/1.1" 200 4744 core.mcrawl.cz - - [25/Aug/2017:10:55:12 +0200] "GET / HTTP/1.1" 200 18311 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET / HTTP/1.1" 200 4744 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /media/jui/js/jquery-noconflict.js HTTP/1.1" 200 316 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /media/jui/js/jquery.min.js HTTP/1.1" 200 33721 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/css/base.css HTTP/1.1" 200 832 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/css/modules.css HTTP/1.1" 200 913 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET 
/templates/yoo_quantum/css/tools.css HTTP/1.1" 200 1838 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/css/layout.css HTTP/1.1" 200 1054 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/css/menus.css HTTP/1.1" 200 1443 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/styles/light/css/system.css HTTP/1.1" 200 524 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/styles/light/css/extensions.css HTTP/1.1" 200 920 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/css/custom.css HTTP/1.1" 200 587 bsduh.nspuh.cz - - [25/Aug/2017:10:58:53 +0200] "GET /templates/yoo_quantum/styles/light/css/color/orange.css HTTP/1.1" 200 917 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/css/font1/ubuntu.css HTTP/1.1" 200 476 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/css/font2/ubuntu.css HTTP/1.1" 200 489 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/css/font3/ubuntu.css HTTP/1.1" 200 498 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/css/print.css HTTP/1.1" 200 470 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/css/style.css HTTP/1.1" 200 4394 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/fonts/ubuntu.css HTTP/1.1" 200 533 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /media/jui/js/jquery-migrate.min.js HTTP/1.1" 200 3413 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /media/system/js/tabs-state.js HTTP/1.1" 200 1124 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/js/warp.js HTTP/1.1" 200 3227 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/js/accordionmenu.js HTTP/1.1" 200 1138 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/js/dropdownmenu.js HTTP/1.1" 
200 2398 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/js/template.js HTTP/1.1" 200 950 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/js/search.js HTTP/1.1" 200 1963 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/css/base.css HTTP/1.1" 200 2074 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/css/layout.css HTTP/1.1" 200 1172 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/css/menus.css HTTP/1.1" 200 1431 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/css/modules.css HTTP/1.1" 200 796 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/css/tools.css HTTP/1.1" 200 1809 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/css/system.css HTTP/1.1" 200 644 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/css/print.css HTTP/1.1" 200 768 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /media/logo/logo5_8.png HTTP/1.1" 200 4144 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/css/system-all.css HTTP/1.1" 200 1400 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/css/system.css HTTP/1.1" 200 2121 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/warp/systems/joomla/css/system.css HTTP/1.1" 200 1652 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/toolbar_b.png HTTP/1.1" 200 792 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/page.png HTTP/1.1" 200 4190 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/toolbar.png HTTP/1.1" 200 713 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/searchbox.png HTTP/1.1" 200 1946 
bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/menubar.png HTTP/1.1" 200 13676 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/footer.png HTTP/1.1" 200 405 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/totop_scroller.png HTTP/1.1" 200 1829 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/module_line_stacked.png HTTP/1.1" 200 367 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/system_continue_reading.png HTTP/1.1" 200 508 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/color/orange/list_line_bullet.png HTTP/1.1" 200 521 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/dropdown.svg HTTP/1.1" 200 1076 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/color/orange/menu_level3.png HTTP/1.1" 200 582 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/styles/light/images/menu_level1_hover.png HTTP/1.1" 200 444 bsduh.nspuh.cz - - [25/Aug/2017:10:58:54 +0200] "GET /templates/yoo_quantum/fonts/Ubuntu-Regular-webfont.ttf HTTP/1.1" 200 350683 bsduh.nspuh.cz - - [25/Aug/2017:10:58:56 +0200] "GET /templates/yoo_quantum/favicon.ico HTTP/1.1" 200 1449 bsduh.nspuh.cz - - [25/Aug/2017:10:58:56 +0200] "GET /templates/yoo_quantum/favicon.ico HTTP/1.1" 200 1450 bsduh.nspuh.cz - - [25/Aug/2017:10:59:06 +0200] "GET /index.php?option=com_content&view=category&layout=blog&id=78&Itemid=544 HTTP/1.1" 200 4864 bsduh.nspuh.cz - - [25/Aug/2017:10:59:07 +0200] "GET /media/system/js/core.js HTTP/1.1" 200 1925 bsduh.nspuh.cz - - [25/Aug/2017:10:59:07 +0200] "GET /media/system/js/mootools-core.js HTTP/1.1" 200 27267 bsduh.nspuh.cz - - [25/Aug/2017:10:59:07 +0200] "GET 
/media/system/js/mootools-more.js HTTP/1.1" 200 68040 bsduh.nspuh.cz - - [25/Aug/2017:10:59:07 +0200] "GET /templates/yoo_quantum/styles/light/images/button_more.png HTTP/1.1" 200 1867 bsduh.nspuh.cz - - [25/Aug/2017:10:59:07 +0200] "GET /templates/yoo_quantum/styles/light/images/pagination.png HTTP/1.1" 200 1005 bsduh.nspuh.cz - - [25/Aug/2017:10:59:07 +0200] "GET /templates/yoo_quantum/images/module_line_stacked.png HTTP/1.1" 200 370 bsduh.nspuh.cz - - [25/Aug/2017:10:59:12 +0200] "GET /templates/yoo_quantum/styles/light/images/menu_level2_hover.png HTTP/1.1" 200 453 bsduh.nspuh.cz - - [25/Aug/2017:10:59:13 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=478 HTTP/1.1" 200 3261 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /templates/yoo_quantum/styles/light/images/menu_sidebar_level1.png HTTP/1.1" 200 2023 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /vytapeni/vytapeni_aktualni.html HTTP/1.1" 200 2398 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /css/style_vytapeni.css HTTP/1.1" 200 845 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /css/vytapeni_aktualni.css HTTP/1.1" 200 1106 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /js/topeni_act.js HTTP/1.1" 200 7133 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /Highcharts/js/highcharts-more.js HTTP/1.1" 200 8442 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /Highcharts/js/modules/exporting.js HTTP/1.1" 200 3441 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /jquery/js/jquery-1.10.2.min.js HTTP/1.1" 200 33155 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /Highcharts/js/highcharts.js HTTP/1.1" 200 51557 bsduh.nspuh.cz - - [25/Aug/2017:10:59:14 +0200] "GET /fonts/oswald-regular-webfont.woff HTTP/1.1" 200 19576 bsduh.nspuh.cz - - [25/Aug/2017:10:59:15 +0200] "GET /MonKotel_data/Dekode/monKotel_De_25-08-2017-Friday.txt HTTP/1.1" 200 24910 bsduh.nspuh.cz - - [25/Aug/2017:10:59:15 +0200] "GET /php/request_cena_pal.php HTTP/1.1" 200 214 bsduh.nspuh.cz 
- - [25/Aug/2017:10:59:16 +0200] "GET /php/request_act.php HTTP/1.1" 200 241 bsduh.nspuh.cz - - [25/Aug/2017:10:59:16 +0200] "GET /php/request_data_pal.php HTTP/1.1" 200 353 bsduh.nspuh.cz - - [25/Aug/2017:10:59:16 +0200] "GET /fonts/oswald-bold-webfont.woff HTTP/1.1" 200 20072 bsduh.nspuh.cz - - [25/Aug/2017:10:59:31 +0200] "GET /php/request_act.php HTTP/1.1" 200 244 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=515 HTTP/1.1" 200 3274 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /fve/fve_aktualni.html HTTP/1.1" 200 4232 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /css/fve_aktualni.css HTTP/1.1" 200 1822 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /css/humanity/jquery.ui.all.css HTTP/1.1" 200 342 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /css/style_fve.css HTTP/1.1" 200 880 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /js/fve_act.js HTTP/1.1" 200 4316 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /jquery/development-bundle/ui/minified/jquery.ui.widget.min.js HTTP/1.1" 200 2829 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /jquery/development-bundle/ui/minified/jquery.ui.core.min.js HTTP/1.1" 200 2249 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /jquery/development-bundle/ui/minified/jquery.ui.progressbar.min.js HTTP/1.1" 200 1149 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /css/humanity/jquery.ui.base.css HTTP/1.1" 200 464 bsduh.nspuh.cz - - [25/Aug/2017:10:59:38 +0200] "GET /css/humanity/jquery.ui.theme.css HTTP/1.1" 200 3419 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.core.css HTTP/1.1" 200 960 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.resizable.css HTTP/1.1" 200 641 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.button.css HTTP/1.1" 200 981 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.autocomplete.css 
HTTP/1.1" 200 750 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.dialog.css HTTP/1.1" 200 787 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.accordion.css HTTP/1.1" 200 693 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.slider.css HTTP/1.1" 200 665 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.tabs.css HTTP/1.1" 200 825 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.datepicker.css HTTP/1.1" 200 1284 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/jquery.ui.progressbar.css HTTP/1.1" 200 447 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/images/ui-bg_inset-soft_100_f4f0ec_1x100.png HTTP/1.1" 200 395 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /css/humanity/images/ui-bg_glass_25_cb842e_1x400.png HTTP/1.1" 200 412 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /MonKotel_data/Palivo/spotreba25-08-2017-Friday.txt HTTP/1.1" 200 39790 bsduh.nspuh.cz - - [25/Aug/2017:10:59:39 +0200] "GET /php/request_cena_el.php HTTP/1.1" 200 273 bsduh.nspuh.cz - - [25/Aug/2017:10:59:40 +0200] "GET /php/request_act.php HTTP/1.1" 200 243 bsduh.nspuh.cz - - [25/Aug/2017:10:59:40 +0200] "GET /php/request_data_el.php HTTP/1.1" 200 454 bsduh.nspuh.cz - - [25/Aug/2017:10:59:55 +0200] "GET /php/request_act.php HTTP/1.1" 200 244 crawl-66-249-65-100.googlebot.com - - [25/Aug/2017:11:58:27 +0200] "GET /index.php?option=com_content&view=article&id=73:novy-graf&catid=78:news&Itemid=544 HTTP/1.1" 200 3908 core.mcrawl.cz - - [25/Aug/2017:12:01:33 +0200] "GET / HTTP/1.1" 200 18311 93-91-51-172.inet4.cz - - [25/Aug/2017:12:03:05 +0200] "GET /wp-admin/upgrade.php HTTP/1.1" 404 887 burger.census.shodan.io - - [25/Aug/2017:12:21:09 +0200] "GET / HTTP/1.1" 200 18292 burger.census.shodan.io - - [25/Aug/2017:12:21:12 +0200] "GET /robots.txt HTTP/1.1" 404 831 burger.census.shodan.io - - [25/Aug/2017:12:21:12 
+0200] "GET /sitemap.xml HTTP/1.1" 404 831 burger.census.shodan.io - - [25/Aug/2017:12:21:13 +0200] "GET /language/en-GB/en-GB.xml HTTP/1.1" 200 828 ip-59-202.4vendeta.com - - [25/Aug/2017:12:25:20 +0200] "GET / HTTP/1.1" 200 4754 core.mcrawl.cz - - [25/Aug/2017:12:26:09 +0200] "GET / HTTP/1.1" 200 18311 www.whois.sc - - [25/Aug/2017:12:32:54 +0200] "GET /robots.txt HTTP/1.0" 404 850 www.whois.sc - - [25/Aug/2017:12:32:55 +0200] "GET / HTTP/1.1" 200 4707 baiduspider-180-76-15-26.crawl.baidu.com - - [25/Aug/2017:13:25:19 +0200] "GET /server_monitor/processes-week.html HTTP/1.1" 200 1715 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:23 +0200] "GET / HTTP/1.1" 200 4744 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/base.css HTTP/1.1" 200 831 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/layout.css HTTP/1.1" 200 1054 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/menus.css HTTP/1.1" 200 1443 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/modules.css HTTP/1.1" 200 913 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/tools.css HTTP/1.1" 200 1838 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/styles/light/css/system.css HTTP/1.1" 200 525 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/styles/light/css/extensions.css HTTP/1.1" 200 921 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/custom.css HTTP/1.1" 200 587 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/styles/light/css/color/orange.css HTTP/1.1" 200 917 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET 
/templates/yoo_quantum/css/font1/ubuntu.css HTTP/1.1" 200 476 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/font3/ubuntu.css HTTP/1.1" 200 498 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/font2/ubuntu.css HTTP/1.1" 200 489 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/styles/light/css/style.css HTTP/1.1" 200 4394 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/print.css HTTP/1.1" 200 470 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/fonts/ubuntu.css HTTP/1.1" 200 533 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /media/logo/logo5_8.png HTTP/1.1" 200 4144 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/warp/css/base.css HTTP/1.1" 200 2073 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/warp/css/layout.css HTTP/1.1" 200 1172 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/warp/css/menus.css HTTP/1.1" 200 1430 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/system.css HTTP/1.1" 200 643 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/warp/css/tools.css HTTP/1.1" 200 1808 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/favicon.ico HTTP/1.1" 200 1449 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/warp/css/modules.css HTTP/1.1" 200 795 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/warp/css/print.css HTTP/1.1" 200 768 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 
+0200] "GET /templates/yoo_quantum/warp/css/system.css HTTP/1.1" 200 2121 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/warp/systems/joomla/css/system.css HTTP/1.1" 200 1652 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:24 +0200] "GET /templates/yoo_quantum/css/system-all.css HTTP/1.1" 200 1400 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/toolbar_b.png HTTP/1.1" 200 792 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/toolbar.png HTTP/1.1" 200 713 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/page.png HTTP/1.1" 200 4190 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/menubar.png HTTP/1.1" 200 13676 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/searchbox.png HTTP/1.1" 200 1946 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/module_line_stacked.png HTTP/1.1" 200 367 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/system_continue_reading.png HTTP/1.1" 200 508 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/color/orange/list_line_bullet.png HTTP/1.1" 200 521 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/footer.png HTTP/1.1" 200 405 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:25 +0200] "GET /templates/yoo_quantum/styles/light/images/totop_scroller.png HTTP/1.1" 200 1829 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:29 +0200] "GET 
/templates/yoo_quantum/styles/light/images/dropdown.svg HTTP/1.1" 200 1076 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:29 +0200] "GET /templates/yoo_quantum/styles/light/images/color/orange/menu_level3.png HTTP/1.1" 200 582 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:30:45 +0200] "GET /index.php?option=com_content&view=featured&Itemid=435 HTTP/1.1" 200 4656 13.68.211.181 - - [25/Aug/2017:13:31:50 +0200] "GET / HTTP/1.1" 200 18254 13.68.211.181 - - [25/Aug/2017:13:31:51 +0200] "GET //modules/ HTTP/1.1" 200 276 13.68.211.181 - - [25/Aug/2017:13:31:52 +0200] "GET //plugins/ HTTP/1.1" 200 276 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:30 +0200] "GET / HTTP/1.1" 200 6561 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:32 +0200] "GET / HTTP/1.1" 200 4688 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:33 +0200] "GET //administrator/manifests/files/joomla.xml HTTP/1.1" 200 992 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:33 +0200] "TRACE / HTTP/1.1" 405 401 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:34 +0200] "GET /media/jui/js/jquery.min.js HTTP/1.1" 200 33666 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:34 +0200] "GET /media/jui/js/jquery-noconflict.js HTTP/1.1" 200 260 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:35 +0200] "GET /media/jui/js/jquery-migrate.min.js HTTP/1.1" 200 3358 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:35 +0200] "GET /media/system/js/tabs-state.js HTTP/1.1" 200 1069 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:36 +0200] "GET /templates/yoo_quantum/warp/js/warp.js HTTP/1.1" 200 3172 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:36 +0200] "GET /templates/yoo_quantum/warp/js/accordionmenu.js HTTP/1.1" 200 1083 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:36 +0200] "GET /templates/yoo_quantum/warp/js/dropdownmenu.js HTTP/1.1" 200 2343 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:37 +0200] "GET /templates/yoo_quantum/js/template.js HTTP/1.1" 200 895 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:37 +0200] "GET 
/templates/yoo_quantum/warp/js/html5.js HTTP/1.1" 200 2206 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:37 +0200] "GET /templates/yoo_quantum/warp/js/search.js HTTP/1.1" 200 1907 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:38 +0200] "GET / HTTP/1.1" 200 4688 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:39 +0200] "GET /404testpage4525d2fdc HTTP/1.1" 404 831 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:39 +0200] "GET /404javascript.js HTTP/1.1" 404 831 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:39 +0200] "GET /index.php?option=com_content&view=featured&Itemid=435 HTTP/1.1" 200 4114 ip-89-176-66-235.net.upcbroadband.cz - - [25/Aug/2017:13:32:40 +0200] "GET / HTTP/1.1" 200 4653 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:40 +0200] "GET /index.php?option=com_content&view=category&layout=blog&id=78&Itemid=544 HTTP/1.1" 200 4182 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:41 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=465 HTTP/1.1" 200 5002 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:41 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=478 HTTP/1.1" 200 5002 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:42 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=493 HTTP/1.1" 200 2660 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:43 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=480 HTTP/1.1" 200 5002 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:44 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=514 HTTP/1.1" 200 3118 sitecheck2.sucuri.net - - [25/Aug/2017:13:32:44 +0200] "GET /index.php?option=com_wrapper&view=wrapper&Itemid=515 HTTP/1.1" 200 5002 core.mcrawl.cz - - [25/Aug/2017:14:08:52 +0200] "GET / HTTP/1.1" 200 18311 46-249-83-205.net1.bg - - [25/Aug/2017:14:12:33 +0200] "GET / HTTP/1.1" 200 18311 crawl-66-249-65-97.googlebot.com - - [25/Aug/2017:14:22:27 +0200] "GET /index.php?option=com_content&view=article&id=73%3Anovy-graf&catid=78&Itemid=544 HTTP/1.1" 200 3906 core.mcrawl.cz - - 
[25/Aug/2017:14:51:39 +0200] "GET / HTTP/1.1" 200 18311 163-172-255-19.rev.poneytelecom.eu - - [25/Aug/2017:16:21:31 +0200] "GET /libraries/joomla/cache/controller/cache/cache/langs.php HTTP/1.1" 404 850 46.229.164.100 - - [25/Aug/2017:16:26:26 +0200] "GET /robots.txt HTTP/1.1" 404 850 core.mcrawl.cz - - [25/Aug/2017:16:31:57 +0200] "GET / HTTP/1.1" 200 30524 core.mcrawl.cz - - [25/Aug/2017:16:35:55 +0200] "GET / HTTP/1.1" 200 18311 crawl-66-249-65-100.googlebot.com - - [25/Aug/2017:16:46:27 +0200] "GET /robots.txt HTTP/1.1" 404 887 crawl-66-249-65-103.googlebot.com - - [25/Aug/2017:16:46:27 +0200] "GET /index.php?option=com_content&view=article&id=8&catid=77&Itemid=435 HTTP/1.1" 200 4043 li1678-106.members.linode.com - - [25/Aug/2017:17:13:29 +0200] "GET / HTTP/1.1" 200 18330 li1678-106.members.linode.com - - [25/Aug/2017:17:12:59 +0200] "GET / HTTP/1.1" 200 18368 li1678-106.members.linode.com - - [25/Aug/2017:17:13:29 +0200] "GET / HTTP/1.1" 200 18368 li1678-106.members.linode.com - - [25/Aug/2017:17:13:00 +0200] "GET / HTTP/1.1" 200 18330 triton285.dedicatedpanel.com - - [25/Aug/2017:18:01:42 +0200] "GET /web/administrator/index.php HTTP/1.1" 404 850 core.mcrawl.cz - - [25/Aug/2017:18:02:02 +0200] "GET / HTTP/1.1" 200 18308 core.mcrawl.cz - - [25/Aug/2017:18:32:13 +0200] "GET / HTTP/1.1" 200 30524 core.mcrawl.cz - - [25/Aug/2017:19:08:34 +0200] "GET / HTTP/1.1" 200 18311 crawl-66-249-66-129.googlebot.com - - [25/Aug/2017:19:10:27 +0200] "GET /index.php?option=com_content&view=article&id=77:rozsireni-monitorovani-2&catid=78:news&Itemid=544 HTTP/1.1" 200 3929 core.mcrawl.cz - - [25/Aug/2017:19:20:02 +0200] "GET / HTTP/1.1" 200 18311 ip231.208-100-26.static.steadfastdns.net - - [25/Aug/2017:19:53:54 +0200] "GET / HTTP/1.0" 200 18021 ip231.208-100-26.static.steadfastdns.net - - [25/Aug/2017:19:55:22 +0200] "GET / HTTP/1.0" 200 18021 ip231.208-100-26.static.steadfastdns.net - - [25/Aug/2017:19:55:22 +0200] "HEAD / HTTP/1.1" 200 503 
ip231.208-100-26.static.steadfastdns.net - - [25/Aug/2017:19:55:22 +0200] "GET / HTTP/1.1" 200 18292 core.mcrawl.cz - - [25/Aug/2017:20:15:24 +0200] "GET / HTTP/1.1" 200 30527 core.mcrawl.cz - - [25/Aug/2017:20:24:25 +0200] "GET / HTTP/1.1" 200 18311