應該只能偵對MS Server攻擊!
Linux Server 應該是無效??
74.208.16.39 - - [30/Jul/2009:03:45:58 +0800] "PUT /index.htm HTTP/1.0" 405 286 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:45:58 +0800] "PUT /index.html HTTP/1.0" 405 287 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:45:58 +0800] "PUT /welcome.htm HTTP/1.0" 405 288 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:45:59 +0800] "PUT /welcome.html HTTP/1.0" 405 289 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:45:59 +0800] "PUT /home.htm HTTP/1.0" 405 285 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:45:59 +0800] "PUT /home.html HTTP/1.0" 405 286 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:45:59 +0800] "PUT /index.aspx HTTP/1.0" 405 287 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:00 +0800] "PUT /defaut.aspx HTTP/1.0" 405 288 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:00 +0800] "PUT /home.aspx HTTP/1.0" 405 286 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:00 +0800] "PUT /default.htm HTTP/1.0" 405 288 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:00 +0800] "PUT /default.html HTTP/1.0" 405 289 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:00 +0800] "PUT /index.asp HTTP/1.0" 405 286 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:01 +0800] "PUT /main.htm HTTP/1.0" 405 285 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:01 +0800] "PUT /iisstart.asp HTTP/1.0" 405 289 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:01 +0800] "PUT /main.html HTTP/1.0" 405 286 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:01 +0800] "PUT /main.asp HTTP/1.0" 405 285 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:01 +0800] "PUT /main.aspx HTTP/1.0" 405 286 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:02 +0800] "PUT /default.asp HTTP/1.0" 405 288 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:02 +0800] "PUT /home.asp HTTP/1.0" 405 285 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:02 +0800] "PUT /index.php HTTP/1.0" 302 3 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:02 +0800] "PUT /default.php HTTP/1.0" 404 2299 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:03 +0800] "PUT /home.php HTTP/1.0" 404 2299 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:03 +0800] "PUT /iisstart.asp HTTP/1.0" 405 289 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:03 +0800] "PUT /localstart.asp HTTP/1.0" 405 291 "-" "Microsoft Data Access Internet Publishing Provider DAV 1.1"
74.208.16.39 - - [30/Jul/2009:03:46:03 +0800] "GET / HTTP/1.0" 302 3 "-" "-"
惡意連線又一樁!
版主: 阿信
3 篇文章
• 第 1 頁 (共 1 頁)
由 crack888wei » 週四 11月 19, 2009 3:26 pm
你是單機使用嗎?可以使用單機防火牆建議加入
#過慮蠕蟲病毒
#444/445/69/135/139
###-----------------------------------------------------------------###
iptables -A FORWARD -p tcp --dport 4444 -j DROP
iptables -A FORWARD -p udp --dport 4444 -j DROP
iptables -A FORWARD -p tcp --dport 445 -j DROP
iptables -A FORWARD -p udp --dport 445 -j DROP
iptables -A FORWARD -p tcp --dport 69 -j DROP
iptables -A FORWARD -p udp --dport 69 -j DROP
iptables -A FORWARD -p tcp --dport 135 -j DROP
iptables -A FORWARD -p udp --dport 135 -j DROP
iptables -A FORWARD -p tcp --dport 139 -j DROP
iptables -A FORWARD -p udp --dport 139 -j DROP
#過慮蠕蟲病毒
#444/445/69/135/139
###-----------------------------------------------------------------###
iptables -A FORWARD -p tcp --dport 4444 -j DROP
iptables -A FORWARD -p udp --dport 4444 -j DROP
iptables -A FORWARD -p tcp --dport 445 -j DROP
iptables -A FORWARD -p udp --dport 445 -j DROP
iptables -A FORWARD -p tcp --dport 69 -j DROP
iptables -A FORWARD -p udp --dport 69 -j DROP
iptables -A FORWARD -p tcp --dport 135 -j DROP
iptables -A FORWARD -p udp --dport 135 -j DROP
iptables -A FORWARD -p tcp --dport 139 -j DROP
iptables -A FORWARD -p udp --dport 139 -j DROP
謙虛學習,小弟我也是新手回答不對的地方請各位前輩指導我一下謝謝^^
- crack888wei
- 可愛的小學生
- 文章: 19
- 註冊時間: 週三 10月 07, 2009 9:47 am
3 篇文章
• 第 1 頁 (共 1 頁)
誰在線上
正在瀏覽這個版面的使用者:沒有註冊會員 和 1 位訪客