Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
1
1
12ss2017-12-11 17:58:05
Django
12ss, 2017-12-11 17:58:05

What are these strange requests on the django development server?

I start django development server, I see in the command line:

Starting development server at http://0:8000/
Quit the server with CONTROL-C.
Invalid HTTP_HOST header: 'ip.адрес.моего.vpn.провайдера:8000'. You may need to add 'ip.адрес.моего.vpn.провайдера' to ALLOWED_HOSTS.
[11/Dec/2017 13:29:17] "GET / HTTP/1.1" 400 60778
Invalid HTTP_HOST header: 'ip.адрес.моего.vpn.провайдера:8000'. You may need to add 'ip.адрес.моего.vpn.провайдера' to ALLOWED_HOSTS.
[11/Dec/2017 13:29:18] "GET / HTTP/1.1" 400 60763
Invalid HTTP_HOST header: 'ip.адрес.моего.vpn.провайдера:8000'. You may need to add 'ip.адрес.моего.vpn.провайдера' to ALLOWED_HOSTS.
[11/Dec/2017 13:29:21] "GET / HTTP/1.1" 400 60703
Invalid HTTP_HOST header: 'ip.адрес.моего.vpn.провайдера:8000'. You may need to add 'ip.адрес.моего.vpn.провайдера' to ALLOWED_HOSTS.
[11/Dec/2017 13:29:29] "GET /picsdesc.xml HTTP/1.1" 400 60895
Invalid HTTP_HOST header: 'ip.адрес.моего.vpn.провайдера:8000'. You may need to add 'ip.адрес.моего.vpn.провайдера' to ALLOWED_HOSTS.
[11/Dec/2017 13:29:31] "GET /picsdesc.xml HTTP/1.1" 400 60835

This happened once, it seems, when Webpack was not built yet, and I had already opened the page in the browser. And it doesn't happen again.
As for "picsdesc", I found a comment in an old article: https://pikabu.ru/story/shodan_dostup_k_otkryityim...
It doesn't really explain anything to me.
The development is carried out on a virtual machine, the browser is on the host, the site has never been in production.
What's going on in my farm?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey Gornostaev, 2017-12-11
@12ss

The Internet is full of robots that continuously scan all available addresses. If the address responds, the robots check the availability of common ports and send verification requests to them. If the expected response is returned to any of the requests, then the robot writes to the log that the service such and such is available at the address of such and such on the port of such and such. And then another robot using this log will poison the services with exploits in an attempt to hack them. Most often for the purpose of joining a botnet. Specifically, the availability of the picsdesc.xml file via the HTTP protocol is a sign of the running miniigd daemon from the Realtek SDK.

Similar questions
N
Nikolai Gromov2017-04-28 13:16:05
How to access an element of an object that is in an array? 2Reply
E
Elizabeth Lawrence2017-09-16 16:51:50
Payment by card for more than 60,000 rubles without the need to use an online cashier? 2Reply
D
Dardrin2015-02-20 13:31:48
What is the correct way to use ForeignKey in Django-admin fieldsets? 1Reply
A
Alexey2017-02-23 19:45:51
How to specify the type of records in Django QuerySet in Python type hints? 2Reply
J
Jekson2019-07-23 17:12:29
How to get rid of migrations error in Django? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question