I was running Django Development server, and found same access message shown up again and again:
[03/Dec/2009 21:02:30] "GET http://222.186.27.9/R.asp?P=58.50.245.72:8000 HTTP/1.1" 500 717 Traceback (most recent call last): File "d:\www\lib\django\django\core\servers\basehttp.py", line 279, in run self.result = application(self.environ, self.start_response) File "d:\www\lib\django\django\core\servers\basehttp.py", line 651, in __call__ return self.application(environ, start_response) File "d:\www\lib\django\django\core\handlers\wsgi.py", line 241, in __call__ response = self.get_response(request) File "d:\www\lib\django\django\core\handlers\base.py", line 115, in get_response return debug.technical_404_response(request, e) File "d:\www\lib\django\django\views\debug.py", line 247, in technical_404_response tried = exception.args[0]['tried'] KeyError: 'tried' [03/Dec/2009 22:18:31] "GET http : / / pay .qq.com/ HTTP/1.1" 500 717
I wander it’s a virus, do any one know what accessed the url, how can I find it? Thanks!
Did you run the dev server with the default arguments? If so it should only be bound to localhost (127.0.0.1) which shouldn’t be accessible from anywhere except your machine. If so then you have trouble on your machine.
If you have bound the dev server to an external internet facing address, then don’t! It isn’t a fully featured web server and is probably full of security problems.
Either way, the requests look like they are proxy requests and 8000 is a common port to run a proxy on, so some process on your machine, or some external lan or internet based service has discovered it and is trying to abuse it.