Possible illicit access attempt against my server from the OVH network.


Samael
29/06/2014, 16:54
Friend, apply a block, it is the best thing you can do; reporting all this is a waste of time, there are many threads about it on the forum.

Personally, I lost a lot of time sending reports and nobody lifted a finger, and when a "technician" did try, he misread the log and it cost me even more time to make them see that I was not the attacker and that they had read the log backwards. Now I just block them and that's it.

motu
29/06/2014, 13:15
On the server with 91.121.157.31, which belongs to OVH, there is a bot installed that, as you can see below, spends its time looking for possible entry points into my machine.

[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/checknfurl123
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.ssh
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.bash_history
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.history
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.sh_history
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.bitcoin
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.litecoin
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.psi
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.purple
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.mozilla
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_ecdsa
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_ecdsa.2
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_ecdsa_2
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_ecdsa_old
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_ecdsa.old
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/config
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_rsa
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_dsa
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/rsa
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/dsa
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/key
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/key.priv
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_rsa.old
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_dsa.old
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/identity
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/authorized_keys
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/authorized_keys2
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/known_hosts
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_rsa.pub
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/id_dsa.pub
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] client denied by server configuration: /home/www/mirai.nerv-org.es/.htpasswd
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/htpasswd
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] client denied by server configuration: /home/www/mirai.nerv-org.es/.htpasswd~
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/passwd
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/.passwd
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/passwords
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/password
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/passwords.txt
[Sun Jun 29 13:03:14 2014] [error] [client 91.121.157.31] File does not exist: /home/www/mirai.nerv-org.es/pass


The WHOIS:

root@mirai:/var/log/apache2# whois 91.121.157.31
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.121.144.0 - 91.121.159.255'

% Abuse contact for '91.121.144.0 - 91.121.159.255' is 'abuse@ovh.net'

inetnum: 91.121.144.0 - 91.121.159.255
netname: OVH
descr: OVH SAS
descr: Dedicated Servers
descr: http://www.ovh.com
country: FR
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
source: RIPE # Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
source: RIPE # Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
source: RIPE # Filtered

% Information related to '91.121.0.0/16AS16276'

route: 91.121.0.0/16
descr: OVH ISP
descr: Paris, France
origin: AS16276
mnt-by: OVH-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.73.1 (DB-4)



Since you go on at us so much about how wonderful your network is, and all the new features you have, you could well detect this kind of abuse of your network more quickly, and make your ABUSE e-mail address work and have them pay attention to all the reports that are sent.

I am posting this here because the affected machine is a KS. I would ask you to investigate this matter with the OVH user who has the indicated IP assigned.

Regards and thanks.
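Added example, not part of the original posts: one way to turn an error log like the one above into a block list is to count, per client, how many distinct credential-related file names were requested within a short window. The sample lines, the documentation-range IPs, the `/var/www/example` path, the name pattern and the thresholds are all assumptions made for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache 2.2-style error log line, same layout as in the post above.
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<ip>[^\]]+)\] "
    r"(?:File does not exist|client denied by server configuration): (?P<path>\S+)$")
# Basenames typical of a credential hunt (assumed list, modelled on the posted log).
SENSITIVE = re.compile(
    r"^(\.ssh|\.(bash_|sh_)?history|id_(rsa|dsa|ecdsa)\S*|authorized_keys2?|known_hosts"
    r"|\.?htpasswd~?|\.?pass(wd|words?)?(\.txt)?|\.bitcoin|\.litecoin|key(\.priv)?)$")

def find_scanners(lines, min_distinct=5, window=timedelta(seconds=60)):
    """Return {ip: sorted distinct sensitive names} for clients that requested
    at least min_distinct different sensitive names inside one time window."""
    hits = defaultdict(list)  # ip -> [(timestamp, basename)]
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an error-log line in the expected format
        name = m["path"].rsplit("/", 1)[-1]
        if SENSITIVE.match(name):
            ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
            hits[m["ip"]].append((ts, name))
    flagged = {}
    for ip, events in hits.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            names = {n for _, n in events[start:end + 1]}
            if len(names) >= min_distinct:  # repeats of one name count once
                flagged[ip] = sorted(names)
                break
    return flagged

# Constructed sample input (not taken from the thread).
_T = "[Sun Jun 29 13:03:14 2014] [error] [client %s] %s: /var/www/example/%s"
SAMPLE = (
    [_T % ("192.0.2.10", "File does not exist", ".ssh")] * 3
    + [_T % ("192.0.2.10", "File does not exist", n)
       for n in (".bash_history", "id_rsa", "authorized_keys")]
    + [_T % ("192.0.2.10", "client denied by server configuration", ".htpasswd"),
       _T % ("203.0.113.5", "File does not exist", "favicon.ico"),
       _T % ("203.0.113.7", "File does not exist", "id_rsa")]
)
if __name__ == "__main__":
    print(find_scanners(SAMPLE))
```

The returned addresses can be fed to whatever blocking mechanism the server already uses; counting distinct names rather than raw lines keeps a client that merely retries one missing file from being flagged.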