nginx logs from AWS say "HELP...batman"?

I'm looking through my nginx logs, and I see some really odd stuff.

2019/10/19 05:44:17 [warn] 30490#0: *6309 using uninitialized "year" variable while logging request, client: xx.xx.xxx, server: , request: "Gh0st��x�KS``�����Č@�Q���    H��e&�*$&g+2���00��rc��\`&��K7��n9�n;�3��sch�^�4'J����0Ñh]&��ΗS�A4L?2=�Ē�@�`T��]"
2019/10/19 05:44:17 [warn] 30490#0: *6309 using uninitialized "month" variable while logging request, client: xx.xx.xxx, server: , request: "Gh0st��x�KS``�����Č@�Q���   H��e&�*$&g+2���00��rc��\`&��K7��n9�n;�3��sch�^�4'J����0Ñh]&��ΗS�A4L?2=�Ē�@�`T��]"
2019/10/19 05:44:17 [warn] 30490#0: *6309 using uninitialized "day" variable while logging request, client: xx.xx.xxx, server: , request: "Gh0st��x�KS``�����Č@�Q��� H��e&�*$&g+2���00��rc��\`&��K7��n9�n;�3��sch�^�4'J����0Ñh]&��ΗS�A4L?2=�Ē�@�`T��]"
2019/10/19 05:44:17 [warn] 30490#0: *6309 using uninitialized "hour" variable while logging request, client: xx.xx.xxx, server: , request: "Gh0st��x�KS``�����Č@�Q���    H��e&�*$&g+2���00��rc��\`&��K7��n9�n;�3��sch�^�4'J����0Ñh]&��ΗS�A4L?2=�Ē�@�`T��]"
2019/10/19 05:44:17 [warn] 30490#0: *6310 using uninitialized "year" variable while logging request, client: xx.xx.xxx, server: , request: "145.ll|'|'|SGFjS2VkX0Q0OTkwNjI3|'|'|WIN-JNAPIER0859|'|'|JNapier|'|'|19-02-01|'|'||'|'|Win 7 Professional SP1 x64|'|'|No|'|'|0.7d|'|'|..|'|'|AA==|'|'|112.inf|'|'|SGFjS2VkDQoxOTIuMTY4LjkyLjIyMjo1NTUyDQpEZXNrdG9wDQpjbGllbnRhLmV4ZQ0KRmFsc2UNCkZhbHNlDQpUcnVlDQpGYWxzZQ==12.act|'|'|AA=="
2019/10/19 05:44:17 [warn] 30490#0: *6310 using uninitialized "month" variable while logging request, client: xx.xx.xxx, server: , request: "145.ll|'|'|SGFjS2VkX0Q0OTkwNjI3|'|'|WIN-JNAPIER0859|'|'|JNapier|'|'|19-02-01|'|'||'|'|Win 7 Professional SP1 x64|'|'|No|'|'|0.7d|'|'|..|'|'|AA==|'|'|112.inf|'|'|SGFjS2VkDQoxOTIuMTY4LjkyLjIyMjo1NTUyDQpEZXNrdG9wDQpjbGllbnRhLmV4ZQ0KRmFsc2UNCkZhbHNlDQpUcnVlDQpGYWxzZQ==12.act|'|'|AA=="
2019/10/19 05:44:17 [warn] 30490#0: *6310 using uninitialized "day" variable while logging request, client: xx.xx.xxx, server: , request: "145.ll|'|'|SGFjS2VkX0Q0OTkwNjI3|'|'|WIN-JNAPIER0859|'|'|JNapier|'|'|19-02-01|'|'||'|'|Win 7 Professional SP1 x64|'|'|No|'|'|0.7d|'|'|..|'|'|AA==|'|'|112.inf|'|'|SGFjS2VkDQoxOTIuMTY4LjkyLjIyMjo1NTUyDQpEZXNrdG9wDQpjbGllbnRhLmV4ZQ0KRmFsc2UNCkZhbHNlDQpUcnVlDQpGYWxzZQ==12.act|'|'|AA=="
2019/10/19 05:44:17 [warn] 30490#0: *6310 using uninitialized "hour" variable while logging request, client: xx.xx.xxx, server: , request: "145.ll|'|'|SGFjS2VkX0Q0OTkwNjI3|'|'|WIN-JNAPIER0859|'|'|JNapier|'|'|19-02-01|'|'||'|'|Win 7 Professional SP1 x64|'|'|No|'|'|0.7d|'|'|..|'|'|AA==|'|'|112.inf|'|'|SGFjS2VkDQoxOTIuMTY4LjkyLjIyMjo1NTUyDQpEZXNrdG9wDQpjbGllbnRhLmV4ZQ0KRmFsc2UNCkZhbHNlDQpUcnVlDQpGYWxzZQ==12.act|'|'|AA=="
2019/10/19 05:44:17 [warn] 30490#0: *6311 using uninitialized "year" variable while logging request, client: xx.xx.xxx, server: , request: "Htj��#D�+��l�׍��Jn��xu[l�E-j��xL�r�u�%�Rtgfv�]%̀�Ϯ��fȍD�    �"
2019/10/19 05:44:17 [warn] 30490#0: *6311 using uninitialized "month" variable while logging request, client: xx.xx.xxx, server: , request: "Htj��#D�+��l�׍��Jn��xu[l�E-j��xL�r�u�%�Rtgfv�]%̀�Ϯ��fȍD�   �"
2019/10/19 05:44:17 [warn] 30490#0: *6311 using uninitialized "day" variable while logging request, client: xx.xx.xxx, server: , request: "Htj��#D�+��l�׍��Jn��xu[l�E-j��xL�r�u�%�Rtgfv�]%̀�Ϯ��fȍD� �"
2019/10/19 05:44:17 [warn] 30490#0: *6311 using uninitialized "hour" variable while logging request, client: xx.xx.xxx, server: , request: "Htj��#D�+��l�׍��Jn��xu[l�E-j��xL�r�u�%�Rtgfv�]%̀�Ϯ��fȍD�    �"
2019/10/19 05:44:17 [warn] 30490#0: *6312 using uninitialized "year" variable while logging request, client: xx.xx.xxx, server: , request: "HELP"
2019/10/19 05:44:17 [warn] 30490#0: *6312 using uninitialized "month" variable while logging request, client: xx.xx.xxx, server: , request: "HELP"
2019/10/19 05:44:17 [warn] 30490#0: *6312 using uninitialized "day" variable while logging request, client: xx.xx.xxx, server: , request: "HELP"
2019/10/19 05:44:17 [warn] 30490#0: *6312 using uninitialized "hour" variable while logging request, client: xx.xx.xxx, server: , request: "HELP"
2019/10/19 05:44:17 [warn] 30490#0: *6313 using uninitialized "year" variable while logging request, client: xx.xx.xxx, server: , request: "�հ]�ē�0�X�ڱ׬�n�3*��'��k��"
2019/10/19 05:44:17 [warn] 30490#0: *6313 using uninitialized "month" variable while logging request, client: xx.xx.xxx, server: , request: "�հ]�ē�0�X�ڱ׬�n�3*��'��k��"
2019/10/19 05:44:17 [warn] 30490#0: *6313 using uninitialized "day" variable while logging request, client: xx.xx.xxx, server: , request: "�հ]�ē�0�X�ڱ׬�n�3*��'��k��"
2019/10/19 05:44:17 [warn] 30490#0: *6313 using uninitialized "hour" variable while logging request, client: xx.xx.xxx, server: , request: "�հ]�ē�0�X�ڱ׬�n�3*��'��k��"
2019/10/19 05:44:18 [warn] 30490#0: *6314 using uninitialized "year" variable while logging request, client: xx.xx.xxx, server: , request: "batman"
2019/10/19 05:44:18 [warn] 30490#0: *6314 using uninitialized "month" variable while logging request, client: xx.xx.xxx, server: , request: "batman"
2019/10/19 05:44:18 [warn] 30490#0: *6314 using uninitialized "day" variable while logging request, client: xx.xx.xxx, server: , request: "batman"
2019/10/19 05:44:18 [warn] 30490#0: *6314 using uninitialized "hour" variable while logging request, client: xx.xx.xxx, server: , request: "batman"

My guess is that somebody is sending malicious packets. Is this something I should be concerned about, and what should I do about it?

The scary piece to me is: "Gh0st��x�KS"

drew kroft asked Oct 22 '19 02:10


1 Answer

This looks like the handiwork of either a script kiddie attempting to break into your server or this particular hacker, Gh0st - https://rsplayers.fandom.com/wiki/Gh0st.

In any case this is someone probing your site looking for vulnerabilities. There's nothing you need to do beyond what you should already be doing in maintaining your site on the Internet.

  • Keep your underlying OS patched
  • Keep your software up to date
  • Restrict access to your application to only known source IPs, etc.
  • Use a firewall & something like fail2ban to dynamically blacklist excessive access

References

  • https://www.fail2ban.org/wiki/index.php/Main_Page
slm answered Nov 15 '22 08:11
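As an added example that is not part of the question or the answer above, the following Python script parses error-log lines of the shape shown in the question, keeps one record per connection id (nginx repeats the warning once for every unset variable, which is why `*6309` appears four times for a single connection), labels each logged request by what it looks like on the wire, decodes the base64 fields of the `|'|'|`-separated record, and applies the same per-IP threshold a fail2ban jail would. The sample lines are constructed: they are modelled on the excerpt above with RFC 5737 documentation addresses as clients, the binary payloads abbreviated, and one ordinary HTTP request line added for contrast. Labelling the `Gh0st` prefix as the packet header of the Gh0st RAT family and the `|'|'|` record as an njRAT-style beacon is my identification, not something the page states.

```python
import base64
import re
from collections import defaultdict

# Constructed sample, not the asker's real log: modelled on the excerpt in the
# question, with RFC 5737 documentation addresses as clients, binary payloads
# abbreviated, and one ordinary HTTP request line added for contrast.
SAMPLE_LOG = """\
2019/10/19 05:44:17 [warn] 30490#0: *6309 using uninitialized "year" variable while logging request, client: 198.51.100.23, server: , request: "Gh0st\x8b\x04x\x9cKS``"
2019/10/19 05:44:17 [warn] 30490#0: *6309 using uninitialized "month" variable while logging request, client: 198.51.100.23, server: , request: "Gh0st\x8b\x04x\x9cKS``"
2019/10/19 05:44:17 [warn] 30490#0: *6310 using uninitialized "year" variable while logging request, client: 198.51.100.23, server: , request: "145.ll|'|'|SGFjS2VkX0Q0OTkwNjI3|'|'|WIN-JNAPIER0859|'|'|JNapier|'|'|19-02-01|'|'||'|'|Win 7 Professional SP1 x64|'|'|No|'|'|0.7d|'|'|..|'|'|AA==|'|'|112.inf|'|'|SGFjS2VkDQoxOTIuMTY4LjkyLjIyMjo1NTUyDQpEZXNrdG9wDQpjbGllbnRhLmV4ZQ0KRmFsc2UNCkZhbHNlDQpUcnVlDQpGYWxzZQ==12.act|'|'|AA=="
2019/10/19 05:44:17 [warn] 30490#0: *6312 using uninitialized "year" variable while logging request, client: 198.51.100.23, server: , request: "HELP"
2019/10/19 05:44:17 [warn] 30490#0: *6313 using uninitialized "year" variable while logging request, client: 198.51.100.23, server: , request: "\x9e\xd5\xb0]\x87\x84\x930"
2019/10/19 05:44:18 [warn] 30490#0: *6314 using uninitialized "year" variable while logging request, client: 198.51.100.23, server: , request: "batman"
2019/10/19 05:45:02 [warn] 30490#0: *6320 using uninitialized "year" variable while logging request, client: 203.0.113.9, server: , request: "GET /index.html HTTP/1.1"
"""

# One nginx error-log line; the request is logged verbatim, so it may hold any bytes.
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \[(?P<level>\w+)\] '
    r'\d+#\d+: \*(?P<conn>\d+) (?P<msg>.*?), client: (?P<client>[^,]+), '
    r'server: (?P<server>[^,]*), request: "(?P<request>.*)"$'
)
HTTP_REQUEST_LINE = re.compile(r'^[A-Z]{3,10} \S+ HTTP/\d\.\d$')
FIELD_SEP = "|'|'|"
B64_RUN = re.compile(r'[A-Za-z0-9+/]+={0,2}')


def parse_line(line):
    """Fields of one error-log line, or None if it is not in the expected shape."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def classify(request):
    """Label the logged request line by what it looks like on the wire."""
    if HTTP_REQUEST_LINE.match(request):
        return "http"
    if request.startswith("Gh0st"):
        # 5-byte "Gh0st" tag: the packet header of the Gh0st RAT family
        # (tag, total length, uncompressed length, zlib body).
        return "gh0st-header"
    if FIELD_SEP in request:
        # |'|'| separated fields with base64 blobs: njRAT-style beacon.
        return "delimited-beacon"
    if request.isascii() and request.isprintable():
        return "plaintext-probe"
    return "binary"


def decode_b64_field(field):
    """Decode a field whose leading run is well-formed base64 for readable text;
    otherwise return it unchanged (ordinary words and short tokens stay as-is)."""
    m = B64_RUN.match(field)
    if not m:
        return field
    run = m.group(0)
    if len(run) < 8 or len(run) % 4:
        return field
    try:
        text = base64.b64decode(run, validate=True).decode("utf-8")
    except ValueError:  # binascii.Error and UnicodeDecodeError both derive from it
        return field
    if all(ch.isprintable() or ch in "\r\n\t" for ch in text):
        return text
    return field


def split_beacon(request):
    """Split a |'|'| delimited record and decode its base64 fields."""
    return [decode_b64_field(f) for f in request.split(FIELD_SEP)]


def summarize(log_text):
    """One classified record per connection id, grouped by client IP.
    nginx emits the warning once per unset variable, so dedupe on *NNNN."""
    seen = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["conn"] in seen:
            continue
        rec["kind"] = classify(rec["request"])
        seen[rec["conn"]] = rec
    by_client = defaultdict(list)
    for rec in seen.values():
        by_client[rec["client"]].append(rec)
    return dict(by_client)


def ban_candidates(by_client, threshold=3):
    """Clients with at least `threshold` non-HTTP connections: the same rule
    a fail2ban jail applies with maxretry."""
    return sorted(ip for ip, recs in by_client.items()
                  if sum(r["kind"] != "http" for r in recs) >= threshold)


if __name__ == "__main__":
    groups = summarize(SAMPLE_LOG)
    for ip, recs in groups.items():
        for r in recs:
            print(f"{ip} *{r['conn']} {r['kind']:17} {r['request'][:40]!r}")
            if r["kind"] == "delimited-beacon":
                for i, f in enumerate(split_beacon(r["request"])):
                    print(f"    field[{i}] = {f!r}")
    print("ban:", ban_candidates(groups))
```

Run it with `python3` and it prints one classified line per connection, the decoded beacon fields (the two long base64 fields decode to readable text, one of them a CRLF-separated list that includes an IP:port), and the one client that crosses the threshold. The `LINE_RE` pattern can be cut down to a fail2ban `failregex` by replacing the client group with `<HOST>`, and `ban_candidates` is the `maxretry` rule. The uninitialized-variable warnings are most likely a side effect of the same traffic: a request that is not HTTP at all is rejected with 400 before any `set` directive in the `server` or `location` blocks runs, so variables that the `log_format` references but that are only assigned there stay unset; defining them with a `map` at the `http` level makes them always defined and silences the warning without hiding the traffic.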