整個晚上, 每分鐘都有HiNET的IP在掃port 80!
211.72.106.120
211.72.127.214
211.72.164.156
211.72.164.56
211.72.194.38
211.72.194.80
211.72.223.173
211.72.252.143
211.72.253.20
211.72.95.125
211.72.126.36
211.72.242.73
211.72.106.120
211.72.111.130
...
整個晚上, 每分鐘都有HiNET的IP在掃port 80!
211.72.106.120
211.72.127.214
211.72.164.156
211.72.164.56
211.72.194.38
211.72.194.80
211.72.223.173
211.72.252.143
211.72.253.20
211.72.95.125
211.72.126.36
211.72.242.73
211.72.106.120
211.72.111.130
...
我也一直被狂掃
這跟今天hinet被大陸駭客入侵有關嗎?
FWIN,2001/08/04,19:11:33 +8:00 GMT,61.216.19.64:1288,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:14:09 +8:00 GMT,61.216.19.64:1965,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:20:01 +8:00 GMT,61.216.108.181:1984,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:21:31 +8:00 GMT,61.216.93.96:2991,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:21:39 +8:00 GMT,61.216.48.23:1246,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:24:27 +8:00 GMT,61.216.72.122:4089,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:24:46 +8:00 GMT,61.216.4.110:1890,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:24:59 +8:00 GMT,61.216.71.236:3915,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:25:08 +8:00 GMT,61.216.48.23:4351,61.216.17.213:80,TCP (flags:S)
FWIN,2001/08/04,19:50:28 +8:00 GMT,61.216.158.238:2086,61.217.7.192:80,TCP (flags:S)
FWIN,2001/08/04,19:52:00 +8:00 GMT,61.217.20.94:1759,61.217.7.192:80,TCP (flags:S)
FWIN,2001/08/04,19:52:22 +8:00 GMT,61.127.96.112:3155,61.217.7.192:80,TCP (flags:S)
FWIN,2001/08/04,20:02:21 +8:00 GMT,61.216.28.6:2348,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:09:01 +8:00 GMT,61.217.249.130:4594,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:13:13 +8:00 GMT,61.217.167.238:2854,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:15:46 +8:00 GMT,61.217.65.230:2125,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:16:26 +8:00 GMT,216.253.133.22:1805,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:16:32 +8:00 GMT,61.140.191.138:3869,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:18:50 +8:00 GMT,61.217.179.56:4807,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:20:35 +8:00 GMT,61.217.163.49:2218,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:20:45 +8:00 GMT,61.217.62.108:1856,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:21:28 +8:00 GMT,61.216.185.143:4493,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:24:12 +8:00 GMT,61.224.71.42:1879,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:25:14 +8:00 GMT,61.217.62.108:4564,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:28:01 +8:00 GMT,61.217.179.56:3200,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:28:04 +8:00 GMT,61.216.185.143:1486,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:28:29 +8:00 GMT,61.217.29.4:4331,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:35:07 +8:00 GMT,61.217.54.148:3305,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:35:18 +8:00 GMT,61.217.29.4:1268,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:36:03 +8:00 GMT,61.217.240.195:2598,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:40:03 +8:00 GMT,61.224.71.196:3622,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:41:45 +8:00 GMT,61.217.157.207:2254,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:42:03 +8:00 GMT,61.217.248.90:3394,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:55:30 +8:00 GMT,61.43.214.216:4190,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:56:40 +8:00 GMT,61.216.155.156:3818,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,20:57:49 +8:00 GMT,61.217.65.230:1543,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:03:37 +8:00 GMT,61.217.94.168:1126,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:04:38 +8:00 GMT,61.73.23.149:3190,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:08:37 +8:00 GMT,61.217.201.90:3650,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:12:32 +8:00 GMT,61.217.207.219:2923,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:19:49 +8:00 GMT,61.217.204.215:1916,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:29:13 +8:00 GMT,61.217.3.102:2166,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:33:08 +8:00 GMT,61.217.105.142:2545,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:35:13 +8:00 GMT,61.224.72.22:3100,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:35:26 +8:00 GMT,61.217.57.185:4434,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:36:32 +8:00 GMT,61.166.65.100:500,61.217.7.237:500,UDP
FWIN,2001/08/04,21:36:49 +8:00 GMT,61.166.65.100:3509,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:40:03 +8:00 GMT,61.137.108.199:4879,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:41:31 +8:00 GMT,61.153.71.137:3665,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:43:45 +8:00 GMT,61.217.229.137:1056,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:44:39 +8:00 GMT,61.18.155.105:4842,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:47:33 +8:00 GMT,61.217.105.142:1198,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:48:56 +8:00 GMT,61.217.29.87:3179,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:49:26 +8:00 GMT,210.100.245.23:4693,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:51:27 +8:00 GMT,61.217.208.191:3311,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:51:38 +8:00 GMT,207.69.120.3:3849,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:55:36 +8:00 GMT,61.217.55.87:3987,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:55:59 +8:00 GMT,61.217.214.124:1401,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,21:59:38 +8:00 GMT,61.217.105.142:3762,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:00:27 +8:00 GMT,61.217.53.239:3372,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:03:21 +8:00 GMT,61.217.66.159:2253,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:05:46 +8:00 GMT,61.217.61.130:3578,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:08:25 +8:00 GMT,211.220.79.53:2085,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:08:30 +8:00 GMT,61.217.13.190:3248,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:08:41 +8:00 GMT,61.217.200.183:4378,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:09:12 +8:00 GMT,61.217.105.142:3211,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:10:37 +8:00 GMT,61.217.26.244:3591,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:11:03 +8:00 GMT,61.217.223.77:4266,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:12:47 +8:00 GMT,61.217.209.115:3634,61.217.7.237:80,TCP (flags:S)
FWIN,2001/08/04,22:18:12 +8:00 GMT,61.216.19.218:1663,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:18:40 +8:00 GMT,61.216.219.168:4540,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:18:47 +8:00 GMT,61.75.39.67:2487,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:20:19 +8:00 GMT,61.216.28.178:3304,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:20:44 +8:00 GMT,61.216.114.105:4874,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:20:52 +8:00 GMT,61.224.179.39:4295,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:21:53 +8:00 GMT,61.216.58.80:1610,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:22:17 +8:00 GMT,61.216.243.178:2239,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:22:39 +8:00 GMT,61.216.4.75:4484,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:22:54 +8:00 GMT,61.216.28.6:1261,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:23:17 +8:00 GMT,61.216.114.20:1704,61.216.19.152:21,TCP (flags:S)
LOCK,2001/08/04,22:23:24 +8:00 GMT,Outlook Express,127.0.0.1,N/A
FWIN,2001/08/04,22:23:24 +8:00 GMT,61.216.149.248:2545,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:26:14 +8:00 GMT,61.128.101.219:2401,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:26:31 +8:00 GMT,61.216.99.253:4295,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:27:08 +8:00 GMT,61.216.23.68:4855,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:28:34 +8:00 GMT,61.216.193.222:3284,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:30:00 +8:00 GMT,61.217.28.40:1177,61.216.19.152:80,TCP (flags:S)
FWIN,2001/08/04,22:38:19 +8:00 GMT,61.216.28.178:2694,61.216.16.99:80,TCP (flags:S)
FWIN,2001/08/04,22:38:45 +8:00 GMT,61.216.118.162:3321,61.216.16.99:80,TCP (flags:S)
還以為只有我這樣...
會不會是最近red code的關係??
對啊,我是用BlackICE從昨天下午起機乎沒有間斷都是port probe
211.75.140.178
211.75.215.130
211.75.225.131
211.75.232.39
..............
開機不到30分鐘intruders機乎滿了,太恐怖了.
我的也是一樣ㄝ,"但是是我掃别人的port"~~~最初由 CCplus
還以為只有我這樣...
會不會是最近red code的關係??
可能是中了red code病毒的關係吧,我不是很確定~~~
後來去安裝微軟修正程式(Windows 2000 Service Pack 2),就不會了(修正程式"軟體王"那裡可以下載,約101.22MB)
我的OS:Win2k server
我也是
東森的整個range對我的80狂衝........
這個問題我這幾天剛碰到
也處理完了,建議有問題的朋友可以到這看看
http://www.pczone.com.tw/showthread.php?t=16362
我也是耶 !!
一堆 Hinet 的 IP , 也有 來自大陸的,
反查了一下, 全都是 IIS 5.0 的 Server
我的跟大家的不太一樣...
我架的 Server 是被狂掃 80 之外沒有用到的 Port...
像是什麼 40xx, 3xxx ....等等。
(** 突然想到: 該不會因為我在 ZoneAlarm 裡設定 Apache 可以變成 Internet 的 Server 的關係,所以沒發現 Port 80 的問題嗎?!)
然後來源 IP 有從大陸、韓國、台灣、日本來的...
哇哩咧...我才想說我那個小小的實驗站名氣沒那麼大吧...
懷疑是跟這個病毒有關..
目前我的 Server 好像都連不上耶...
本機可以,但 LAN 和外部網路都連不上我的 Server...
LAN 內的電腦即便連上了,速度也很慢...
可是我裝的是 Apache 1.3.20,也會被侵入嗎?
我也早就裝了 SP2 了說...
今天才看到 Post,明天到學校去裝那個 Win2000 的 SP3 修補看看...
架設平台:
Win2000 Server + SP2
Apache 1.3.20
PHP 4.0.6
MySQL 3.23.32
Zone Alarm 2.6.88 (Free 版)
這應該是網路上其它中了 Code Red 病毒的 IIS Server 在掃其它人的 port 80,
即使有開 port 80, 只要不是裝 IIS 它跟本奈何不了你,
只會留下 404 Not Found 的 error message 在 error.log 中而己.
書籤