从凌晨开始,来自218.5.2.250的大量奇怪的访问,各位老大帮忙看看是怎么回事?
查了一下这个ip,是“福建省福州市 榕基软件开发有限公司”,不知道是不是这个
公司自己的服务器被人黑了。
218.5.2.250 - - [05/Sep/2006:03:22:50 +0800] "GET / HTTP/1.0" 200 11330 "-" "-"
218.5.2.250 - - [05/Sep/2006:03:22:57 +0800] "GET /cgi-bin/common/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)
"
218.5.2.250 - - [05/Sep/2006:03:22:57 +0800] "GET /cgi-local/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:57 +0800] "GET /scripts/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:58 +0800] "GET /cgi_bin/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:58 +0800] "GET /cgi-bin/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:58 +0800] "GET /cgi-bin/common/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)
"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /cgi-local/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /scripts/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT> HTTP/1.1" 404 - "-" "Mozill
a/4.75 [en] (X11, U; rj-itop)"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /cgi_bin/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "GET /scripts/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "GET /cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.1" 404 - "-" "Mozi
lla/4.75 [en] (X11, U; rj-itop)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "GET /scripts/mrtg.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.1" 404 - "-" "Mozi
lla/4.75 [en] (X11, U; rj-itop)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "HEAD / HTTP/1.1" 200 11330 "-" "Mozilla/4.75 [en] (X11, U; rj-itop)"
还有很多这样的
查了一下这个ip,是“福建省福州市 榕基软件开发有限公司”,不知道是不是这个
公司自己的服务器被人黑了。
218.5.2.250 - - [05/Sep/2006:03:22:50 +0800] "GET / HTTP/1.0" 200 11330 "-" "-"
218.5.2.250 - - [05/Sep/2006:03:22:57 +0800] "GET /cgi-bin/common/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)
"
218.5.2.250 - - [05/Sep/2006:03:22:57 +0800] "GET /cgi-local/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:57 +0800] "GET /scripts/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:58 +0800] "GET /cgi_bin/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:58 +0800] "GET /cgi-bin/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:58 +0800] "GET /cgi-bin/common/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)
"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /cgi-local/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /scripts/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT> HTTP/1.1" 404 - "-" "Mozill
a/4.75 [en] (X11, U; rj-itop)"
218.5.2.250 - - [05/Sep/2006:03:22:59 +0800] "GET /cgi_bin/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "GET /scripts/listrec.pl HTTP/1.1" 404 - "-" "Mozilla/4.75 [en] (X11, U; Nessus)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "GET /cgi-bin/mrtg.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.1" 404 - "-" "Mozi
lla/4.75 [en] (X11, U; rj-itop)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "GET /scripts/mrtg.cgi?cfg=../../../../../../../../etc/passwd HTTP/1.1" 404 - "-" "Mozi
lla/4.75 [en] (X11, U; rj-itop)"
218.5.2.250 - - [05/Sep/2006:03:23:01 +0800] "HEAD / HTTP/1.1" 200 11330 "-" "Mozilla/4.75 [en] (X11, U; rj-itop)"
还有很多这样的