ログを見ていたら,以下のようなアクセスがあった1

192.0.2.1 - - [24/Jul/2009:03:43:46 +0900] "GET /phpmyadmin/ INSTALL HTTP/1.1" 404 209 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:46 +0900] "GET /myadmin/ INSTALL HTTP/1.1" 404 206 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:47 +0900] "GET /admin/ INSTALL HTTP/1.1" 404 204 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:47 +0900] "GET /phpMyAdmin/ INSTALL HTTP/1.1" 404 209 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:48 +0900] "GET /PMA/ INSTALL HTTP/1.1" 404 202 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:48 +0900] "GET INSTALL HTTP/1.1" 400 226 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:49 +0900] "GET /phpmyadmin/ INSTALL HTTP/1.1" 404 209 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:50 +0900] "GET /myadmin/ INSTALL HTTP/1.1" 404 206 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:50 +0900] "GET /admin/ INSTALL HTTP/1.1" 404 204 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:50 +0900] "GET /phpMyAdmin/ INSTALL HTTP/1.1" 404 209 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:51 +0900] "GET /PMA/ INSTALL HTTP/1.1" 404 202 "-" "M Fucking Scanner."
192.0.2.1 - - [24/Jul/2009:03:43:51 +0900] "GET INSTALL HTTP/1.1" 400 226 "-" "M Fucking Scanner."

たぶん脆弱性のあるPHPを探しているのだろうけど,URIの後に"INSTALL"が付いているのが謎.PHPはインストールしていないので影響は無いと思うけど…

  1. IPアドレスは例示用のものに変更してある. ↩︎