【求助】被攻擊了嗎..?

**emilee** · 2005-06-24, 12:54 PM

這二天網站速度變慢..
mrtg顯示網站上、下傳都接近滿載.
apache的log檔都是一些連外的網址
其中一段如下..!
請幫我看一下，要如何解決啊..?

=====================
218.56.175.30 - - [24/Jun/2005:07:59:51 +0800] "GET http://ad.doubleclick.net/adi/teambo...7925999065515? HTTP/1.1" 200 358

200.210.146.176 - - [24/Jun/2005:07:57:57 +0800] "GET http://gb.fotolog.net/?t=royK4n5GUEs...WHupaIf8aQYy8= HTTP/1.0" 502 797

61.222.167.170 - - [24/Jun/2005:08:00:01 +0800] "GET /non-cgi/images/leovbb3/newreply.gif HTTP/1.1" 304 -

66.191.212.116 - - [24/Jun/2005:07:59:47 +0800] "GET http://e8.member.ukl.yahoo.com/confi...asswd=marlboro HTTP/1.0" 999 3647

61.222.167.170 - - [24/Jun/2005:08:00:02 +0800] "GET /non-cgi/images/leovbb3/newpoll.gif HTTP/1.1" 304 -

72.36.176.242 - - [24/Jun/2005:07:59:55 +0800] "CONNECT 64.12.200.89:443 HTTP/1.0" 200 -

209.123.8.77 - - [24/Jun/2005:07:59:56 +0800] "POST http://tgp.x3scripts.com/tgp/submit.x3ml HTTP/1.1" 206 743

83.170.199.119 - - [24/Jun/2005:07:59:58 +0800] "HEAD http://66.230.134.171/member/index.html HTTP/1.0" 401 -

81.215.195.34 - - [24/Jun/2005:07:59:41 +0800] "GET http://www.dodger.co.uk/members/main.html HTTP/1.0" 502 232

213.39.204.238 - - [24/Jun/2005:07:59:58 +0800] "GET http://www.anabell4you.com/members/p...p?section_id=7 HTTP/1.0" 401 473

66.197.196.133 - - [24/Jun/2005:07:59:53 +0800] "CONNECT login.icq.com:443 HTTP/1.0" 200 -

64.239.74.80 - - [24/Jun/2005:08:00:01 +0800] "GET http://www.wildteens-only.com/cgi-bi...3.0.2/code.cgi HTTP/1.1" 206 1964

61.222.167.170 - - [24/Jun/2005:08:00:03 +0800] "GET /non-cgi/images/prethread.gif HTTP/1.1" 304 -

220.146.128.108 - - [24/Jun/2005:08:00:01 +0800] "GET http://apocalypsis.free.fr/diplomati...e%20allechante HTTP/1.1" 200 879

61.222.167.170 - - [24/Jun/2005:08:00:03 +0800] "GET /non-cgi/images/flatview.gif HTTP/1.1" 304 -

61.129.47.111 - - [24/Jun/2005:07:59:58 +0800] "GET http://ad.trafficmp.com/tmpad/banner....asp?poID=elv7 HTTP/1.0" 200 5336

24.59.251.37 - - [24/Jun/2005:07:59:43 +0800] "GET http://l10.login.scd.yahoo.com/confi...2&passwd=hello HTTP/1.0" 502 232

83.170.199.119 - - [24/Jun/2005:07:59:58 +0800] "HEAD http://66.230.134.171/member/index.html HTTP/1.0" 401 -

81.241.100.126 - - [24/Jun/2005:07:59:58 +0800] "GET http://216.109.126.252/config/login?...&passwd=hunter HTTP/1.0" 999 4362

68.235.247.219 - - [24/Jun/2005:08:00:03 +0800] "GET http://w3.edit.tpe.yahoo.com/config/...&passwd=milton HTTP/1.0" 502 864

222.226.74.166 - - [24/Jun/2005:07:59:59 +0800] "GET http://invis.free.anonymizer.com/htt...HVCI+8OI+60OXD HTTP/1.1" 200 43

82.165.43.140 - - [24/Jun/2005:07:59:51 +0800] "CONNECT login.icq.com:443 HTTP/1.0" 200 -

66.36.243.179 - - [24/Jun/2005:07:59:59 +0800] "GET http://www.ourcpsite.com/wwwboard/messages/1997.html HTTP/1.1" 404 650

24.210.34.195 - - [24/Jun/2005:08:00:02 +0800] "GET http://www.hot-lolitas.net/members/de/ HTTP/1.0" 401 469

61.222.167.170 - - [24/Jun/2005:08:00:04 +0800] "GET /non-cgi/images/nextthread.gif HTTP/1.1" 304 -

61.114.32.0 - - [24/Jun/2005:07:59:56 +0800] "GET http://www.t-b-g.com/ HTTP/1.0" 200 17238

83.236.2.136 - - [24/Jun/2005:07:59:54 +0800] "CONNECT login.icq.com:443 HTTP/1.0" 200 -

204.13.169.13 - - [24/Jun/2005:07:59:55 +0800] "POST http://www.carcarecity.com/cgi-bin/wwwboard.pl HTTP/1.1" 404 213

61.222.167.170 - - [24/Jun/2005:08:00:04 +0800] "GET /non-cgi/images/none.gif HTTP/1.1" 304 -

221.195.24.213 - - [24/Jun/2005:07:59:59 +0800] "GET http://gjc00.vip.533.net:80/ip.cgi HTTP/1.1" 200 2109

67.8.249.49 - - [24/Jun/2005:07:59:58 +0800] "GET http://login.yahoo.com/ HTTP/1.0" 200 20090

83.236.2.136 - - [24/Jun/2005:07:59:59 +0800] "CONNECT login.icq.com:443 HTTP/1.0" 200 -

69.81.102.112 - - [24/Jun/2005:08:00:02 +0800] "GET http://www21.big.or.jp/~mana_/prxjdg.cgi HTTP/1.0" 200 1761

210.178.182.108 - - [24/Jun/2005:07:59:58 +0800] "CONNECT login.icq.com:443 HTTP/1.0" 200 -

220.132.37.97 - - [24/Jun/2005:07:59:36 +0800] "GET http://203.187.1.180/ugyuinhiro/ppmu...0-20041201.rar HTTP/1.1" 206 20480

66.197.196.133 - - [24/Jun/2005:08:00:00 +0800] "CONNECT login.icq.com:443 HTTP/1.0" 200 -

81.208.74.183 - - [24/Jun/2005:08:00:03 +0800] "HEAD http://www.sissymaidmovies.com/MEMBER/DAISY/daisy.htm? HTTP/1.0" 401 -

207.234.208.161 - - [24/Jun/2005:07:59:22 +0800] "GET http://www.tgpseeker.com/szone/submit.html HTTP/1.1" 206 61479

210.98.224.190 - - [24/Jun/2005:08:00:02 +0800] "GET http://69.41.164.232/scripts/main_c.asp HTTP/1.1" 500 4070

**chiangww** · 2005-07-03, 11:24 AM

你把這些po出來就正好中計了,他們就是要讓這些網址有更高的曝光率.

基本上 GET 一些不存在的 document 沒什麼關係.

【求助】被攻擊了嗎..?

主題: 【求助】被攻擊了嗎..?

主題工具

【求助】被攻擊了嗎..?

類似的主題

【問題】某ip連續使用不同port嘗試連接我的特定port 這樣算被攻擊了嗎?

【求助】請問硬碟突然狂跑，服務被阻斷，是被攻擊了嗎？

【求助】我好像被攻擊了!!!

各位高手我被攻擊了

我被攻擊了!!!!!!!

書籤

書籤

發表文章規則

連結交換

Link 2

免責聲明

搜尋

社群網路連結