我的服务器每分钟都要面对成千上万个这样的请求:
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 19606 "-" "-" 92
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 5872 "-" "-" 88
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 9866 "-" "-" 88
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 5796 "-" "-" 89
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 4867 "-" "-" 89
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 55357 "-" "-" 89
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 5254 "-" "-" 88
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 5888 "-" "-" 88
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 7973 "-" "-" 88
**.**.***.*** - - [24/Sep/2015:17:01:14 +0200] "GET /imagefolder/someimage.jpeg HTTP/1.0" 200 6401 "-" "-" 88
**.**.***.*** - - [24/Sep/2015:17:01:11 +0200] "GET /404 HTTP/1.0" 200 21704 "-" "-" 44
(XX.XX.XXX。XXX为服务器IP)
它们每次指向不同的文件,但总是指向相同的文件夹,并且总是来自服务器IP。
我已经检查了服务器中的所有"cron"文件,没有一个可以执行这些类型的HTTP请求。有人知道是否有某种攻击可以做到这一点,即使攻击来自我的服务器IP吗?
Linux, Unix甚至windows都有编程netstat,通过正确的选项和权限,它将告诉您与套接字本地端相关的编程