服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 我应该关心在我的日志中看到这个吗?
Intereting Posts
添加新的根/企业CA而不打扰现有的? 英特尔PRO / 1000 PM的Windows 2008 64位驱动程序? 服务器迁移03 – > 12 是否有可能在Windows 7中禁用ARP 无法连接在同一局域网内的电脑 追踪资源匮乏问题 无法访问弹性search的pid文件 如果一台计算机从Active Directory中删除,它会创build一个日志文件? 跨应用程序服务器负载平衡 需要关于loggingLAMP网站的build议 VMware 5.5主机不从NTP更新时间 如何在Systemd上使用Jenkins自动重启 加载Flash内容,同时打开图像链接 Apache反向代理从一个虚拟主机到两个Tomcat 本地帐户如何访问另一台计算机上的数据库?

我应该关心在我的日志中看到这个吗?

在我的Nginx访问日志中,下面的请求(这是其中的一半左右)已经超过了从注册到越南ISP的IP几分钟的时间(我可以提供IP,但我不确定如果这是允许她)。 我昨天刚刚设置了服务器。 注意libwww-perl/5.805用户代理和path(寻找常见的configuration文件等)。

我应该担心这个问题,还是有太多的机器人扫描IP地址,每天都会有这样的扫描是不可避免的? 

 <some IP in Vietnam> - - [22/May/2013:11:15:44 +0000] "GET /db_config.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:45 +0000] "GET /db_conf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:45 +0000] "GET /data.inc HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:46 +0000] "GET /dados.inc HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:46 +0000] "GET /conecta.inc HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:47 +0000] "GET /database.inc HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:47 +0000] "GET /banco.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:48 +0000] "GET /mysql.inc HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:48 +0000] "GET /dbsql.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:49 +0000] "GET /sqldb.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:49 +0000] "GET /backup.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:50 +0000] "GET /DB.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:50 +0000] "GET /include/config.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:51 +0000] "GET /include/dbconfig.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:51 +0000] "GET /include/conf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:52 +0000] "GET /include/connect.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:52 +0000] "GET /include/db.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:53 +0000] "GET /include/conexao.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:53 +0000] "GET /include/configuration.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:54 +0000] "GET /include/application.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:54 +0000] "GET /inc/config.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:55 +0000] "GET /inc/dbconfig.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:55 +0000] "GET /inc/conf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:56 +0000] "GET /inc/connect.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:56 +0000] "GET /inc/db.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:57 +0000] "GET /inc/conexao.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:57 +0000] "GET /inc/configuration.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:58 +0000] "GET /inc/application.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:58 +0000] "GET /includes/config.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:59 +0000] "GET /includes/dbconfig.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:15:59 +0000] "GET /includes/conf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:00 +0000] "GET /includes/connect.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:00 +0000] "GET /includes/db.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:01 +0000] "GET /includes/conexao.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:01 +0000] "GET /includes/configuration.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:02 +0000] "GET /includes/application.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:02 +0000] "GET /application/configs/application.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:03 +0000] "GET /application/configs/config.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:03 +0000] "GET /application/configs/dbconfig.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:04 +0000] "GET /application/configs/db.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:04 +0000] "GET /application/configs/connect.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:05 +0000] "GET /application/configs/conexao.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:05 +0000] "GET /application/configs/conf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:06 +0000] "GET /application/configs/configuration.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:06 +0000] "GET /application/configs/data.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:07 +0000] "GET /application/configs/banco.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:07 +0000] "GET /application/configs/dbconf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:08 +0000] "GET /configs/application.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:09 +0000] "GET /configs/config.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:09 +0000] "GET /configs/dbconfig.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:10 +0000] "GET /configs/db.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:10 +0000] "GET /configs/connect.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:11 +0000] "GET /configs/conexao.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:11 +0000] "GET /configs/conf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:12 +0000] "GET /configs/configuration.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:12 +0000] "GET /configs/data.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:13 +0000] "GET /configs/banco.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805" <some IP in Vietnam> - - [22/May/2013:11:16:13 +0000] "GET /configs/dbconf.ini HTTP/1.1" 502 166 "-" "libwww-perl/5.805"

对于任何暴露于互联网的IP,您将得到这样的扫描。 这是你应该看到的正常背景噪声的一部分。

可以使用各种工具来限制或禁止执行像这样的扫描的IP – mod_security,iptables,fail2ban等 – 但通常不是必需的。

你的假设是正确的:花费他们的时间(和所有者的带宽分配)探测漏洞的受到攻击的主机的数量可能会达到数百万。 从时间戳中可以看到,攻击是自动的。

阅读这些攻击可能是有益的,因为它可以让你知道哪些漏洞被探测到,但是总的来说,它们只是提醒你保持系统的安全和修补。