Essentially I have a webcam set up at home to record movement, and I set up a basic Apache server so that I can externally access said videos stored.
The server is running on my laptop and I have port fowarded the laptops ip to port 80, I then set up dynamic dns so that I can access the same domain name regardless of whether my ip changes.
It had been running a day when I checked the access logs and saw some really suspicious activity: http://pastebin.com/a8xSALaJ sorry for the length, I didn't want to cut out anything subtly important..
My Apache configuration is literally default, with the document root at /var/www/html
I have 3 questions:
1 - Is there anything malicious in the logs/what was the attacker trying to do (there is one very suspicious log at line 152
access.log:1203:74.217.28.153 - - [19/Feb/2016:05:36:48 +0000] "GET http://pastebin.com/raw.php?i=GNsjKYy5 HTTP/1.1" 404 442 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
2 - How can I prevent this type of attack in the future
3 - How on earth did this person find my ip at all? I certainly didn't publicize it...
As you can tell my networking knowledge is fairly basic but I would really like to learn more, so any information would be greatly appreciated !
UPDATE
Since posting this I noticed something particularly concerning -- not sure if this is related, tried to do an apache2 --version:
apache2 --version
[Sat Feb 20 18:24:19.273672 2016] [core:warn] [pid 4942] AH00111: Config variable ${APACHE_LOCK_DIR} is not defined
[Sat Feb 20 18:24:19.273756 2016] [core:warn] [pid 4942] AH00111: Config variable ${APACHE_PID_FILE} is not defined
[Sat Feb 20 18:24:19.273778 2016] [core:warn] [pid 4942] AH00111: Config variable ${APACHE_RUN_USER} is not defined
[Sat Feb 20 18:24:19.273796 2016] [core:warn] [pid 4942] AH00111: Config variable ${APACHE_RUN_GROUP} is not defined
[Sat Feb 20 18:24:19.273826 2016] [core:warn] [pid 4942] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Sat Feb 20 18:24:19.276425 2016] [core:warn] [pid 4942:tid 139799541426048] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Sat Feb 20 18:24:19.276615 2016] [core:warn] [pid 4942:tid 139799541426048] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Sat Feb 20 18:24:19.276641 2016] [core:warn] [pid 4942:tid 139799541426048] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
AH00526: Syntax error on line 74 of /etc/apache2/apache2.conf:
Invalid Mutex directory in argument file:${APACHE_LOCK_DIR}