I was looking over the access logs for a server that we are running on Amazon Web Services. I noticed that someone was obviously trying to find the phpmyadmin directory - they (or a bot) were trying different paths eg - admin/phpmyadmin/, db_admin, ... and the list goes on. Actually there isnt a database on this server and so this was not a problem, they were never going to find it, but should I be worried about such snooping? Is this just a really basic attempt at getting in to our system? Actually our database is held on another managed server which I assume is protected from such intrusions. What are your views on such sneaky activity?
They are just automatically scanning for phpMyAdmin installations for the same reason one can do a port scan. They hope to find an unsecured phpMyAdmin installation, for example one with a configured username and password and without authentication on phpMyAdmin itself. You don't have to worry about this as long as you keep everything secured (up to date software, secured against unauthorized access).