請問一下這是這麼回事



贊助商連結


spc
2001-08-08, 11:02 PM
請問一下最近我每次上網(hinet adsl計時制)總是會有一堆想存取我的電腦的要求
側是什麼原因呢?請指教,謝謝!
ZONEALARM 2.6.88
FWIN,2001/08/08,22:28:35 +8:00 GMT,61.216.121.169:1874,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:29:01 +8:00 GMT,61.216.42.49:3636,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:29:05 +8:00 GMT,61.216.50.199:3779,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:30:43 +8:00 GMT,61.34.66.10:1724,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:30:46 +8:00 GMT,61.216.197.75:1997,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:31:07 +8:00 GMT,61.216.150.245:4429,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:31:18 +8:00 GMT,61.216.46.39:2256,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:34:23 +8:00 GMT,61.216.35.237:3887,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:35:31 +8:00 GMT,61.216.71.121:2508,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:35:54 +8:00 GMT,61.142.98.145:1503,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:36:57 +8:00 GMT,61.216.150.245:1583,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:37:10 +8:00 GMT,61.216.126.39:1439,61.216.201.168:27374,TCP (旗標:S)
FWIN,2001/08/08,22:38:45 +8:00 GMT,61.216.18.48:1500,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:38:58 +8:00 GMT,61.216.75.50:1613,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:39:47 +8:00 GMT,61.216.66.190:1025,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:40:56 +8:00 GMT,61.216.13.86:4033,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:41:11 +8:00 GMT,61.125.193.245:3058,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:41:23 +8:00 GMT,61.216.125.113:2849,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:41:37 +8:00 GMT,61.216.104.64:3222,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:42:19 +8:00 GMT,61.216.166.175:3586,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:43:31 +8:00 GMT,61.216.177.225:2326,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:45:59 +8:00 GMT,61.216.37.100:1249,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:46:20 +8:00 GMT,61.216.36.158:1156,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:46:45 +8:00 GMT,61.216.132.121:1557,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:47:04 +8:00 GMT,61.133.170.115:1328,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:50:28 +8:00 GMT,61.216.250.177:1203,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:50:39 +8:00 GMT,169.254.85.167:4485,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:50:55 +8:00 GMT,61.216.243.168:3751,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:51:37 +8:00 GMT,61.216.224.177:2796,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:53:10 +8:00 GMT,61.216.50.152:4174,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:54:15 +8:00 GMT,61.216.49.33:1652,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:54:20 +8:00 GMT,61.216.131.34:1974,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:54:22 +8:00 GMT,61.216.70.94:4269,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:55:19 +8:00 GMT,61.216.155.240:4799,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:55:37 +8:00 GMT,61.216.114.202:1600,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:56:36 +8:00 GMT,61.76.30.47:4929,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:57:11 +8:00 GMT,61.216.33.81:3155,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:58:20 +8:00 GMT,61.216.194.70:4424,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:58:36 +8:00 GMT,61.216.50.199:4117,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:59:37 +8:00 GMT,61.216.51.240:4316,61.216.201.168:80,TCP (旗標:S)
FWIN,2001/08/08,22:59:59 +8:00 GMT,61.216.237.141:4580,61.216.201.168:80,TCP (旗標:S)
以下略

贊助商連結


berkely
2001-08-08, 11:06 PM
或許先看前面大大文章,再丟上來,比較有誠意一點:)

tsungchi
2001-08-08, 11:30 PM
整排都port::80
Code Red病毒

jeswang
2001-08-08, 11:42 PM
我也是收到一堆 80 port 的警告,只是這些 IP 似乎都是動態 IP ,不像是固定 IP,Code Red 不是只感染 NT 或是 2000 的 IIS 嗎?

tsungchi
2001-08-08, 11:47 PM
最初由 jeswang
我也是收到一堆 80 port 的警告,只是這些 IP 似乎都是動態 IP ,不像是固定 IP,Code Red 不是只感染 NT 或是 2000 的 IIS 嗎?
雖然我是計時制可是我也有裝win2k+iis
為什麼大多是動態ip~我猜可能是真正有用iis的固定用戶都已經修補了

spc
2001-08-09, 12:10 AM
可是我的win2k pro + sp2沒有裝iis啊,也沒有紅色警戒的徵兆如
c:\exploer.exe等奇怪的程式出現啊

Fex
2001-08-09, 02:16 AM
最初由 spc
可是我的win2k pro + sp2沒有裝iis啊,也沒有紅色警戒的徵兆如
c:\exploer.exe等奇怪的程式出現啊
因為你並沒有中.....
只是一直被那些感染的機器攻擊.....
所以,在ZA中才會有那麼多的紀錄........

我 Apache 中的 log 檔.....
也是一堆紀錄.......

說到code red,他到是顯示出....
很多人只是感流行灌了Win2k,但是卻安裝一些根本用不到的東西....
被攻擊了也不知道.....
才會導致一堆電腦被感染,到處攻擊別的機器....
但是主人卻連洞都不補....

jeswang
2001-08-09, 10:46 AM
說的是啊,我還在想說這些 user 沒事安裝 IIS 作什麼。
另外剛剛想說如果對方裝 2000 或是 NT 是否可以用
NET SEND xxx.xxx.xxx.xxx "Message" 的方式直接通知及
警告對方,因為我想對方大概也不會關掉 messenger service。



最初由 Fex

因為你並沒有中.....
只是一直被那些感染的機器攻擊.....
所以,在ZA中才會有那麼多的紀錄........

我 Apache 中的 log 檔.....
也是一堆紀錄.......

說到code red,他到是顯示出....
很多人只是感流行灌了Win2k,但是卻安裝一些根本用不到的東西....
被攻擊了也不知道.....
才會導致一堆電腦被感染,到處攻擊別的機器....
但是主人卻連洞都不補....