b0r*_*dom 3 apache apache2 error-log
当这个庞大的块出现时,我正在为apache拖尾我的错误日志.以前从没见过这样的东西.IP映射到RIPE网络协调中心,此处带有PO框
链接
这是我应该深入研究的吗?在谷歌搜索时,我找不到太多关于这一点,除了RIPE似乎是一个ISP.
[Tue Mar 15 21:34:44.775251 2016] [core:error] [pid 22280] (36)File name too long: [client 93.113.125.12:44444] AH00036: access to /we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages failed (filesystem path '/var/www/html/we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages_we_are_looking_for_not_found_pages')
我刚从同一个IP收到了这个请求.我没有看到很多人谈论它,所以我想这是新的.
我认为它是一个寻找不安全的公共管理页面的机器人,实际的请求文本对于查看日志的网站管理员来说是一个笑话.
发出这些请求的脚本正在执行请求URL所说的内容.它正在向巨大的IP地址列表,IP地址范围发送请求,甚至在某些情况下发送到互联网上的每个 IP地址.它记录地址是否返回状态代码 - 表示在该地址上运行了Web服务器.
目前还不清楚这些信息会做些什么.也许如果他们得到答复,他们会把你列入一个名单,以便进一步探讨.这实际上很常见.
除非您在某些管理实用程序(wordpress,drupal,phpmyadmin等)上使用默认密码,否则这些类型的东西都是无害的.如果您开始受到这些请求的轰炸,您可能希望使用更高级的硬件或软件防火墙,审核您的公开端口,并可能开始限制IP范围.
http://who.is/whois-ip/ip-address/93.113.125.12
如果这种情况持续存在,您始终可以将事件报告给源的ISP.
| 归档时间: |
|
| 查看次数: |
978 次 |
| 最近记录: |