阿里云
阿里云飞天战略营全新发布
发表主题 回复主题
  • 1224阅读
  • 3回复

[求助]把日志做的更详细些,终于看到了阿里扫描用户的8080端口在做什么。

级别: 小白
发帖
27
云币
31
己写了一个简易的http协议升级wesocket协议,绑定到8080端口,又不是标准的http协议80端口,为何阿里要用http协议来扫描8080端口。下面是记录的日志(只开了10分钟): e2Jp'93o'  
Mi74Xl i  
M=%!IT  
17:01:39 MSG:ucid 1 TCP connected from IP:120.132.3.151! E@pFTvo  
7bT /KLU  
xOIg|2^8  
17:01:39 MSG:ucid 2 TCP connected from IP:120.132.3.151! [TCRB`nTQF  
k7Oy5$##  
AbZ:(+@cP  
17:01:39 MSG:ucid 3 TCP connected from IP:120.132.3.151! 1Z:R,\+L  
RpN <=  
qLRE}$P  
17:01:39 MSG:ucid 3:GET http://www.qq.com/404/search_children.js HTTP/1.1 &<h?''nCy  
N84qcc  
P6we(I`"2  
17:01:39 MSG:ucid 3 disconnected! @1.9PR$x  
oKiD8':  
^&m?qKN8  
17:01:44 MSG:ucid 1 disconnected! >zR14VO`_|  
BWEv1' v  
:#SNpn=@  
17:01:44 MSG:ucid 2 disconnected! } J(1V!EA  
!a[$)c  
4\1;A`2%0  
17:08:08 MSG:ucid 4 TCP connected from IP:140.205.225.193! fq(5Lfe}  
kW(Kh0x  
TkT-$=i  
17:08:08 MSG:ucid 4:GET / HTTP/1.1 UoRDeYQ`E  
\n(ROf^'  
-yA3 RP  
17:08:08 MSG:ucid 4 disconnected! LP?P=c  
l0#4Fma  
1RA }aX  
17:08:14 MSG:ucid 5 TCP connected from IP:140.205.225.193! yM|g|;U  
cz>mhD  
d<v~=  
17:08:14 MSG:ucid 5:GET / HTTP/1.1 6Pijvx^0  
U2UyN9:6F  
?OO%5PSen  
17:08:14 MSG:ucid 5 disconnected! 6=3(oUl  
QQq/5r4O`q  
0@v 2*\D#  
17:08:34 MSG:ucid 6 TCP connected from IP:140.205.225.193! + Y;8~+  
f| =# q  
p2^)2v  
17:08:34 MSG:ucid 6:GET / HTTP/1.1 Of&"U/^  
()B7(Y  
& L'6KEahR  
17:08:34 MSG:ucid 6 disconnected! L?Tu)<Mn  
{s9<ej~<R  
TR?Bvy2s:g  
17:08:38 MSG:ucid 7 TCP connected from IP:140.205.225.193! :fW.-^"VP  
( mt*y]p?  
zQt1;bo  
17:08:38 MSG:ucid 7:GET /clusters.jsf HTTP/1.1 J7Sx!PQ  
j^{b^!4~}  
;da4\bppt  
17:08:38 MSG:ucid 7 disconnected! 3wo'jOb  
_E (x2BS?  
FF jRf  
17:09:16 MSG:ucid 8 TCP connected from IP:140.205.225.193! #XfT1  
S,VyUe4P4  
)Z&HuEg{ZR  
17:09:16 MSG:ucid 8:GET / HTTP/1.1 ]An_5J  
z :? :  
r;$r=Ufr  
17:09:16 MSG:ucid 8 disconnected! h*l cEzG?A  
7<vy;"wB  
@H6%G>K,  
17:09:17 MSG:ucid 9 TCP connected from IP:140.205.225.193! \:h0w;34O  
>gF-6nPQ  
yj'Cy8  
17:09:17 MSG:ucid 9:GET /jenkins/ HTTP/1.1 SbCJ|z#?  
9V.+U7\w  
N7a[B>+`  
17:09:17 MSG:ucid 9 disconnected! ps "9;4P  
K1<k+t/V  
pA*i!.E/b  
17:09:18 MSG:ucid 10 TCP connected from IP:140.205.225.193! pRb<wt7v  
o16d`}/<  
UYH|?Jw!N  
17:09:18 MSG:ucid 10:GET /zabbix/ HTTP/1.1 ";o~&8?)  
sFCf\y  
.a5X*M]  
17:09:18 MSG:ucid 10 disconnected! a!&bc8J7  
1+S g"?8  
1]HHe*'Z  
17:09:18 MSG:ucid 11 TCP connected from IP:140.205.225.193! z_'dRw  
*u58l(&`8  
B5 D3_ iX]  
17:09:18 MSG:ucid 11:GET / HTTP/1.1 n&(3o6i'  
ixg\[5.Q+  
pz.Y=V\t  
17:09:19 MSG:ucid 11 disconnected! * q+oeAYX  
{ 576+:*  
/nwxuy  
17:09:20 MSG:ucid 12 TCP connected from IP:140.205.225.193! iOKr9%9?Z  
' l|41wxk  
suzFcLxo  
17:09:20 MSG:ucid 12:GET / HTTP/1.1 *Rz!i m|  
3/SfUfWo  
S_a :ML<  
17:09:20 MSG:ucid 12 disconnected! &~z+R="=  
v`@5enr  
6\%r6_.d  
17:09:20 MSG:ucid 13 TCP connected from IP:140.205.225.193! E {I)LdAqK  
~GAlNIv]  
|~7+/VvI+  
17:09:20 MSG:ucid 13:GET /solr/ HTTP/1.1 `\Uc4lRS  
Z83q-  
lpIteZw:  
17:09:20 MSG:ucid 13 disconnected! @$2`DI{_^  
j0ci~6&b3_  
8XLxT(YFIs  
17:09:50 MSG:ucid 14 TCP connected from IP:140.205.225.193! f6keWqv<GW  
aS c#&{  
=x|##7  
17:09:50 MSG:ucid 14:GET /j_acegi_security_check HTTP/1.1 aeN }hG  
Oex{:dO "F  
M!;`(_2  
17:09:50 MSG:ucid 14 disconnected! j<`I\Pmv  
s :-8 Z\,  
`I]1l MJ)o  
17:09:50 MSG:ucid 15 TCP connected from IP:140.205.225.193! .6lY*LI  
{hkM*:U  
fvAh?<Ul  
17:09:50 MSG:ucid 15:POST /j_acegi_security_check HTTP/1.1 ">0/>>Ry  
D#vn {^c8O  
jKY Aid{-  
17:09:50 MSG:ucid 15 disconnected! \'\N"g`Fr  
l%-67(  
SX1Fyy6 w  
17:09:51 MSG:ucid 16 TCP connected from IP:140.205.225.193! PCV58n3  
`dG.L  
UUdu;3E=5  
17:09:51 MSG:ucid 16:POST /j_acegi_security_check HTTP/1.1 v*C+U$_3\1  
rR),~ @]sL  
?~]1Gd  
17:09:51 MSG:ucid 16 disconnected! f)u*Q!BDD  
o{S}e!Vb  
U5@TaGbx  
17:09:51 MSG:ucid 17 TCP connected from IP:140.205.225.193! D7gX,e  
jm#F*F vL  
D@sx`H(  
17:09:51 MSG:ucid 17:POST /j_acegi_security_check HTTP/1.1 B BApL{  
Cn6n4, 0  
qH {8n`  
17:09:51 MSG:ucid 17 disconnected! &kXGWp  
ei|*s+OZu  
M<M# < kD  
17:09:52 MSG:ucid 18 TCP connected from IP:140.205.225.193! fY,@2VxyfA  
PJSDY1T  
^J#*n;OQ3A  
17:09:52 MSG:ucid 18:POST /j_acegi_security_check HTTP/1.1 -Fok %iQ'5  
@gu77^='  
5m%baf2_  
17:09:52 MSG:ucid 18 disconnected! .JD4gF2N  
ga 2Q3mV  
OH!$5FEc  
17:09:52 MSG:ucid 19 TCP connected from IP:140.205.225.193! **w*hd]  
c9ov;Bw6S  
"M5ro$qZ}  
17:09:52 MSG:ucid 19:POST /j_acegi_security_check HTTP/1.1 +qSr=Y:+  
P98X[0&  
HhY2`P8  
17:09:52 MSG:ucid 19 disconnected! @dT: 1s  
WV !kA_  
~\@<8@N2a6  
17:09:53 MSG:ucid 20 TCP connected from IP:140.205.225.193! :)+@qxTy  
3>@qQ_8%~  
 z7.C\l  
17:09:53 MSG:ucid 20:POST /j_acegi_security_check HTTP/1.1 ^b `>/>  
G|6|;   
^b|Nw:  
17:09:53 MSG:ucid 20 disconnected! HA3SQ  
@cTZ`bg  
(fk, 80  
17:09:53 MSG:ucid 21 TCP connected from IP:140.205.225.193! bh;b` 5  
K^cWj_a"  
+{Vwz  
17:09:53 MSG:ucid 21:POST /j_acegi_security_check HTTP/1.1 .5[LQR  
8a$jO+UvN  
?C>VB+X}y  
17:09:53 MSG:ucid 21 disconnected! nGJIjo_I  
`6S=KRv  
Uc4 L|:  
17:09:54 MSG:ucid 22 TCP connected from IP:140.205.225.193! Z564K7IV  
J:-TINeB  
ZNH*[[Pf  
17:09:54 MSG:ucid 22:POST /j_acegi_security_check HTTP/1.1 84oW  
z:Zn.e*$b  
cT=wJ  
17:09:54 MSG:ucid 22 disconnected! @tv];t  
#+ lq7HJ1  
SeJFZ0p  
17:09:54 MSG:ucid 23 TCP connected from IP:140.205.225.193! t1{%FJ0F  
6_ &6'Vq  
?o(X0  
17:09:54 MSG:ucid 23:POST /j_acegi_security_check HTTP/1.1 ZEyGqCf3  
}vxH)U6$q  
+D-+}&oW  
17:09:54 MSG:ucid 23 disconnected! ^(m6g&$(  
Ccd7|L1  
(#l_YI -  
17:09:55 MSG:ucid 24 TCP connected from IP:140.205.225.193! \A\yuJ=  
.]ZuG  
Lvj5<4h;  
17:09:55 MSG:ucid 24:POST /j_acegi_security_check HTTP/1.1 ):\{n8~  
ONe!'a0  
w3bH|VnU8;  
17:09:55 MSG:ucid 24 disconnected! 0|>  
v7OV;e a$  
#M9D" <pn}  
17:09:55 MSG:ucid 25 TCP connected from IP:140.205.225.193! \/4%[Q2QDm  
GxDF7 z%&  
.rB;zA;4S)  
17:09:55 MSG:ucid 25:POST /j_acegi_security_check HTTP/1.1 |%cO"d^ri  
rn5g+%jX*  
k42ur)pb  
17:09:55 MSG:ucid 25 disconnected! 68GGS`&  
KJJb^6P48W  
@[kM1:G-F{  
17:09:56 MSG:ucid 26 TCP connected from IP:140.205.225.193! =ObtD"  
&b6@_C9  
{2clOUi  
17:09:56 MSG:ucid 26:POST /j_acegi_security_check HTTP/1.1 pfQZ|*>lkb  
hYv 6-5_  
a<"& RnG(  
17:09:56 MSG:ucid 26 disconnected! tKsM}+fq  
v4##(~Tu  
Yg,lJ!q  
17:09:56 MSG:ucid 27 TCP connected from IP:140.205.225.193! }=m?gF%3  
 2:/MN2  
3N*C]  
17:09:56 MSG:ucid 27:POST /j_acegi_security_check HTTP/1.1 P:-/3  
{ro!OuA  
;xtb2c8HT  
17:09:56 MSG:ucid 27 disconnected! }ZVv  
RkP|_Bf8)  
-XIvj'u  
17:09:57 MSG:ucid 28 TCP connected from IP:140.205.225.193! vfTG*jG  
{#M{~  
uWtS83i  
17:09:57 MSG:ucid 28:POST /j_acegi_security_check HTTP/1.1 YIUmCx0a  
UuC"-$:  
(C|V-}/*m  
17:09:57 MSG:ucid 28 disconnected! ZjW| qb  
Ul0<Zxv  
7:q-NzE\6  
17:09:57 MSG:ucid 29 TCP connected from IP:140.205.225.193! n]c,0N  
;p!hd }C  
6U9Fa=%>}  
17:09:57 MSG:ucid 29:GET /phpmyadmin/index.php HTTP/1.1 c!wB'~MS#  
'?GZ"C2  
+1fOW4!5  
17:09:57 MSG:ucid 30 TCP connected from IP:140.205.225.193! H>X1(sh#}  
cD@lor j  
V*uu:  
17:09:57 MSG:ucid 30:POST /j_acegi_security_check HTTP/1.1 6Q.whV%y  
PH!B /D5G  
%)ov,p |  
17:09:57 MSG:ucid 30 disconnected! TFNU+  
FGhrf  
l^?A8jG  
17:09:58 MSG:ucid 31 TCP connected from IP:140.205.225.193! Pm;*Jv%  
Dohe(\C@  
1Klu]J%  
17:09:58 MSG:ucid 31:POST /j_acegi_security_check HTTP/1.1 p&doQh  
h,?Yw+#o"  
&?sjeC_  
17:09:58 MSG:ucid 31 disconnected! zb,`K*Z{  
J&1N8Wk)  
4GA-dtyV&  
17:09:58 MSG:ucid 32 TCP connected from IP:140.205.225.193! y+R$pzX  
3edK$B51;  
ys6"Q[B  
17:09:58 MSG:ucid 32:POST /j_acegi_security_check HTTP/1.1 9gayu<J  
S9055`v5  
$:Z xb  
17:09:58 MSG:ucid 32 disconnected! ~2ei+#d!^  
Q[tz)99~  
io_64K+K  
17:09:59 MSG:ucid 33 TCP connected from IP:140.205.225.193! N Z9,9  
n:kxG  
U<byR!qLie  
17:09:59 MSG:ucid 33:POST /j_acegi_security_check HTTP/1.1 sJ()ItU5i  
<)rH8]V  
vB4qJ{f  
17:09:59 MSG:ucid 33 disconnected! -bQvJ`iF  
'Q,<_ L"  
1&nrZG9  
17:09:59 MSG:ucid 34 TCP connected from IP:140.205.225.193! @cNI|T  
e{S`iO  
13 p0w  
17:09:59 MSG:ucid 34:POST /j_acegi_security_check HTTP/1.1  /t P  
$"1&!  
,aL"Wy(  
17:09:59 MSG:ucid 34 disconnected! ?q`mr_x%?  
Np_6ZUaqz  
k Er7,c  
17:10:00 MSG:ucid 35 TCP connected from IP:140.205.225.193! l).Ijl}AH;  
]z NL+]1_  
UQr+\ u  
17:10:00 MSG:ucid 35:POST /j_acegi_security_check HTTP/1.1 ] UTP~2N  
<3OV  
oaE3Aa  
17:10:00 MSG:ucid 35 disconnected! aS 2 Y6  
EQ-~e   
ktb. fhO  
17:10:00 MSG:ucid 36 TCP connected from IP:140.205.225.193! GV/FK{v5  
VtFh1FDI\  
h~t]WN  
17:10:00 MSG:ucid 36:POST /j_acegi_security_check HTTP/1.1 cd#TKmh7re  
dno*Usx5d0  
huE#VY /t  
17:10:00 MSG:ucid 36 disconnected! h#9)M  
Joj8'  
-B!pg7>'##  
17:10:01 MSG:ucid 37 TCP connected from IP:140.205.225.193! aleIy}"  
yE>DQ *  
NeP1 #  
17:10:01 MSG:ucid 37:POST /j_acegi_security_check HTTP/1.1 iV=#'yY  
>LSA?dy!?  
ap!<8N  
17:10:01 MSG:ucid 37 disconnected! . b"e`Bw_=  
`{":*V   
~x+w@4)a>  
17:10:01 MSG:ucid 38 TCP connected from IP:140.205.225.193! R_ }(p2  
 $?YkgK  
umeb&\:8S-  
17:10:01 MSG:ucid 38:POST /j_acegi_security_check HTTP/1.1 `,O^=HBM  
+Xk!)Ge5E*  
EUgs2Fsb3  
17:10:01 MSG:ucid 38 disconnected! ) AIZE?oX  
HT'dft #  
y;H 3g#  
17:10:02 MSG:ucid 39 TCP connected from IP:140.205.225.193!  xMU)  
6SwHl_2%  
Rzk JS9)m  
17:10:02 MSG:ucid 39:POST /j_acegi_security_check HTTP/1.1 +?p ;,Z%5  
T+fU +GLD  
/T@lHxX  
17:10:02 MSG:ucid 39 disconnected! 2iu;7/  
%rsW:nl  
xab[  
17:10:02 MSG:ucid 40 TCP connected from IP:140.205.225.193! 0=04:.%D  
-mXEbsm  
LQe<mZ<  
17:10:02 MSG:ucid 40:POST /j_acegi_security_check HTTP/1.1 bm^ou#]|  
8K qv)FjB  
"o1/gV  
17:10:02 MSG:ucid 40 disconnected! R~b$7jpd  
 `@p*1  
&lD4-_2J  
17:10:03 MSG:ucid 41 TCP connected from IP:140.205.225.193! g7F>o76M  
5ZPl`[He  
c{[d@jt O  
17:10:03 MSG:ucid 41:POST /j_acegi_security_check HTTP/1.1 OG.`\G|  
+XQ6KG&  
7 9Iz,_  
17:10:03 MSG:ucid 41 disconnected! e2;"> tp6?  
#M:W?&.  
_L"rygit  
17:10:03 MSG:ucid 42 TCP connected from IP:140.205.225.193! MRs8l  
=I?p(MqW  
L%"&_v#a^  
17:10:03 MSG:ucid 42:POST /j_acegi_security_check HTTP/1.1 sbRg=k&Ns  
QF>H>=Za=  
dM QnN[d6  
17:10:03 MSG:ucid 42 disconnected! D%Wr/6X  
JO _a+Yl  
.EI/0"^  
17:10:04 MSG:ucid 43 TCP connected from IP:140.205.225.193! {#7t(:x  
4X^0:.bT&  
Z*JZ Ubo-Q  
17:10:04 MSG:ucid 43:POST /j_acegi_security_check HTTP/1.1 XVY^m}pMe  
:`_wy-}V  
;$86.2S>B  
17:10:04 MSG:ucid 43 disconnected! f1JvP\I0Q  
<Wl! Qog'  
BYu|loc  
17:10:04 MSG:ucid 44 TCP connected from IP:140.205.225.193! h.DQ6!?;s  
RVD=CX  
R(csJ4F  
17:10:04 MSG:ucid 44:POST /j_acegi_security_check HTTP/1.1 Y#uf 2>J  
nuvz!<5\{  
Z";o{@p  
17:10:04 MSG:ucid 44 disconnected!  pxP7yJL`  
0^hz1\g  
~=}56yxl[  
17:10:05 MSG:ucid 45 TCP connected from IP:140.205.225.193!  Q}G   
w2 CgEJ %  
i<-#yL5  
17:10:05 MSG:ucid 45:POST /j_acegi_security_check HTTP/1.1 J`\%'pEn  
puDy&T  
:I1bGa&I  
17:10:05 MSG:ucid 45 disconnected! $.v5G>- )3  
@UD6qA  
GX(p7ZgB2  
17:10:05 MSG:ucid 46 TCP connected from IP:140.205.225.193! .0Cpqn,[  
; 5oY)1  
:  wb\N'b  
17:10:05 MSG:ucid 46:POST /j_acegi_security_check HTTP/1.1 nJrV  
! G,Ru~j5:  
KrG$W/<tg  
17:10:05 MSG:ucid 46 disconnected! M7UVL&_z%  
/SSl$  
^-rb&kW@:  
17:10:06 MSG:ucid 47 TCP connected from IP:140.205.225.193! p-M QI }  
`}s)0 /}6  
Ws'3*HAce  
17:10:06 MSG:ucid 47:POST /j_acegi_security_check HTTP/1.1 2#ypM9  
,f4Hl%T;  
X`[or:cB  
17:10:06 MSG:ucid 47 disconnected! qJUu9[3'm  
iw<+rh*C  
BIS5u4  
17:10:06 MSG:ucid 48 TCP connected from IP:140.205.225.193! XP~4jOL]  
enE8T3   
nTp?  
17:10:06 MSG:ucid 48:POST /j_acegi_security_check HTTP/1.1 3/P2&m  
,"5Fw4G6*  
N'3Vt8o,  
17:10:06 MSG:ucid 48 disconnected! <LH(>  
T^%$  
D'c, z[  
17:10:07 MSG:ucid 49 TCP connected from IP:140.205.225.193! n:x6bPal]  
H~Hh $-z  
&qF   
17:10:07 MSG:ucid 49:POST /j_acegi_security_check HTTP/1.1 j)]mN$Sa:  
 ze{  
Z<;am  
17:10:07 MSG:ucid 49 disconnected! c"H*9u:  
d>VerZZU  
":tQYo]d  
17:10:07 MSG:ucid 29 disconnected! o&-q.;MY  
t9;yyZh  
o!dTB,Molr  
17:10:07 MSG:ucid 50 TCP connected from IP:140.205.225.193! uwU;glT  
$&OoxC  
eZ8~t/8  
17:10:07 MSG:ucid 50:POST /j_acegi_security_check HTTP/1.1 Z4b<$t[u  
0V }knR.l  
p;,Cvw{.;%  
17:10:07 MSG:ucid 50 disconnected! q$Gf9&ZO  
z GhJ  
[yF>W$Bn%  
17:10:08 MSG:ucid 51 TCP connected from IP:140.205.225.193! "u@)   
j,?>Q4G  
sL[&y'+  
17:10:08 MSG:ucid 51:GET /j_acegi_security_check HTTP/1.1 7Y"CeU-S  
:<=A1>&8  
tF}Vs}  
17:10:08 MSG:ucid 51 disconnected! no~hYy W2  
&-mPj82R  
p(-f$Q(  
17:10:09 MSG:ucid 52 TCP connected from IP:140.205.225.193! 'Y Bz?l9  
5xtIez]x?  
K; ,2ag  
17:10:09 MSG:ucid 52:POST /j_acegi_security_check HTTP/1.1 -rb]<FrL^  
= Bz yI  
35|F?Jx.r  
17:10:09 MSG:ucid 52 disconnected! V<A_c^unO  
J$JXY@mBSC  
%eW[`uyV  
17:10:09 MSG:ucid 53 TCP connected from IP:140.205.225.193! ~"6/OJA  
0.7* 2s-  
n#8N{ya5x1  
17:10:09 MSG:ucid 53:POST /j_acegi_security_check HTTP/1.1 MhaN+N  
6EfGJq  
HIM>%   
17:10:09 MSG:ucid 53 disconnected! NZ`Mq  
mMo<C_~w&  
ZU\TA|  
17:10:10 MSG:ucid 54 TCP connected from IP:140.205.225.193! "N\>v#>C  
7UM!<@9\  
$n>|9(K8  
17:10:10 MSG:ucid 54:POST /j_acegi_security_check HTTP/1.1 vF,\{sgW  
.b'hVOs{  
H~y 7o_tg  
17:10:10 MSG:ucid 54 disconnected! TNs ;#Q  
0`y;[qAG[  
yv2BbrYyy  
17:10:10 MSG:ucid 55 TCP connected from IP:140.205.225.193! c@iP^;D  
QJ1_LJ4)a  
Byq4PX%B  
17:10:10 MSG:ucid 55:POST /j_acegi_security_check HTTP/1.1 u7R:7$H  
MW&ww14  
Q?]307g7  
17:10:10 MSG:ucid 55 disconnected! K& / rzs-  
N#<h/  
s+m,ASj  
17:10:11 MSG:ucid 56 TCP connected from IP:140.205.225.193! ~b L^&o(W  
QI\&D)  
O%:EPdoU  
17:10:11 MSG:ucid 56:POST /j_acegi_security_check HTTP/1.1 j(JUOief  
@#sBom+K`  
T^'NC8v  
17:10:11 MSG:ucid 56 disconnected! |%6zhkoufM  
,":l >0P[  
9AJMm1 _  
17:10:11 MSG:ucid 57 TCP connected from IP:140.205.225.193! '&~A  
4E&= qC]S  
#)im9LLC#  
17:10:11 MSG:ucid 57:POST /j_acegi_security_check HTTP/1.1 9n][#I)a3  
[p3)C<;ZC  
iM'{,~8R5  
17:10:11 MSG:ucid 57 disconnected! 8!e1T,:b  
$O|J8;"v  
~4p@m>>  
17:10:12 MSG:ucid 58 TCP connected from IP:140.205.225.193! G4Y]fzC  
n[2[V*|mI  
H}KJd5A7  
17:10:12 MSG:ucid 58:POST /j_acegi_security_check HTTP/1.1 adEcIvN$  
+f)Nf) \q  
 gB\ a  
17:10:12 MSG:ucid 58 disconnected! nr/^HjMV  
\qPgQsy4  
U4hsbraz  
17:10:12 MSG:ucid 59 TCP connected from IP:140.205.225.193! XO |U4 #ya  
pq;)l( Hi  
0q_Ol]<V  
17:10:12 MSG:ucid 59:GET /phpMyAdmin/index.php HTTP/1.1 VU>s{_|{  
k]*DuVCOX  
1zE_ SNx  
17:10:12 MSG:ucid 60 TCP connected from IP:140.205.225.193! a ^+b(&;k  
sePOW#|  
gd9ZlHo'Id  
17:10:12 MSG:ucid 60:POST /j_acegi_security_check HTTP/1.1 AuZ?~I1  
2fc8w3  
|q$br-0+  
17:10:12 MSG:ucid 60 disconnected! ],%}}UN  
D_E^%Ea&`  
#mqz*=L3  
17:10:13 MSG:ucid 61 TCP connected from IP:140.205.225.193! ~mUP!f  
9.5hQZ  
MS Ui_|7  
17:10:13 MSG:ucid 61:POST /j_acegi_security_check HTTP/1.1 7`3he8@ze  
wL 5p0Xl  
'Mjbvh4  
17:10:13 MSG:ucid 61 disconnected! fTM^:vkO  
Q!>8E4Z  
WU1 I>i  
17:10:13 MSG:ucid 62 TCP connected from IP:140.205.225.193! ZMJ\C|S:  
%j=E}J<H5*  
UC*<]  
17:10:13 MSG:ucid 62:POST /j_acegi_security_check HTTP/1.1 hIa@JEIt  
x U1dy*-  
g#=^U`y  
17:10:13 MSG:ucid 62 disconnected! (CY VSO  
<R~(6krJwZ  
5}e-~-  
17:10:14 MSG:ucid 63 TCP connected from IP:140.205.225.193! z'r.LBnh  
^sH1YE}0  
*n?6x!A  
17:10:14 MSG:ucid 63:POST /j_acegi_security_check HTTP/1.1 n[WXIE<  
dQA J`9B  
;BoeE3* 6  
17:10:14 MSG:ucid 63 disconnected! X4i$,$C  
13A11XTp  
2!dIW5I  
17:10:14 MSG:ucid 64 TCP connected from IP:140.205.225.193! %{/0K<M  
9>le-}~  
D]b5*_CT  
17:10:14 MSG:ucid 64:POST /j_acegi_security_check HTTP/1.1 _?Jm.nT  
[ sz#*IJ  
2ok>z$Y  
17:10:14 MSG:ucid 64 disconnected!  [.z1  
/]]\jj#^  
. 36'=K  
17:10:15 MSG:ucid 65 TCP connected from IP:140.205.225.193! z!Jce}mx  
?Pmj}f  
T:cSv @G  
17:10:15 MSG:ucid 65:POST /j_acegi_security_check HTTP/1.1 9 J5Z'd_  
!0Xes0gK0  
TaM,9MAu  
17:10:15 MSG:ucid 65 disconnected! 7F?^gMi  
zZ-e2)1v  
f$V']dOj1q  
17:10:15 MSG:ucid 66 TCP connected from IP:140.205.225.193! x+yt| &B  
[Z Ea3/  
tvRa.3  
17:10:15 MSG:ucid 66:POST /j_acegi_security_check HTTP/1.1 -oF4mi8S  
`p1`Sxz?  
b'9G`Y s^  
17:10:15 MSG:ucid 66 disconnected! o}WbW }&  
S2jo@bp!  
Hg(\EEe  
17:10:16 MSG:ucid 67 TCP connected from IP:140.205.225.193! Gq-U}r  
oF ,8j1  
VdK-2O(.-  
17:10:16 MSG:ucid 67:POST /j_acegi_security_check HTTP/1.1 Y,E:?  
?wwY8e?S  
YVW!u6W'[6  
17:10:16 MSG:ucid 67 disconnected! _\o +9X!  
O gHWmb  
,rX!V=Z5  
17:10:16 MSG:ucid 68 TCP connected from IP:140.205.225.193! v/yk T9@;  
+oQ@E<)H  
 ITbl%q  
17:10:16 MSG:ucid 68:POST /j_acegi_security_check HTTP/1.1 Ti' GSL  
O~aS&g/sf  
/h2`?~k+  
17:10:16 MSG:ucid 68 disconnected! |Z2_1( ku  
tO~H/0  
8%nTDSp&t  
17:10:17 MSG:ucid 69 TCP connected from IP:140.205.225.193! ,9+@\  
K{|;'N-1  
};zF&  
17:10:17 MSG:ucid 69:POST /j_acegi_security_check HTTP/1.1 V l9\&EL  
Y}f%/vus  
g]d"d  
17:10:17 MSG:ucid 69 disconnected! l_f"}l  
{I2jLc  
W BiBtU  
17:10:17 MSG:ucid 70 TCP connected from IP:140.205.225.193! m&ZdtB|  
n!tCz<v  
VJ1 `&  
17:10:17 MSG:ucid 70:POST /j_acegi_security_check HTTP/1.1 rqa;MPl  
bq ~'jg^#  
mfx 'Yw*{  
17:10:17 MSG:ucid 70 disconnected! ;wvV hQ  
AMO{?:8Y;  
"HYK~V  
17:10:18 MSG:ucid 71 TCP connected from IP:140.205.225.193! zxsnrn;|  
m X2Qf8  
}Rt<^oya*  
17:10:18 MSG:ucid 71:POST /j_acegi_security_check HTTP/1.1 LTa9' q0  
^AEg?[q  
LL,~&5{  
17:10:18 MSG:ucid 71 disconnected! 4s$))x9p  
!A<?nz Uv  
I.( 9{  
17:10:18 MSG:ucid 72 TCP connected from IP:140.205.225.193! x&?35B i  
)I5f`r=Ry  
9h9Y:i*Gh5  
17:10:18 MSG:ucid 72:POST /j_acegi_security_check HTTP/1.1 d ch(HB}[  
w\\    
5$O@+W!?@  
17:10:18 MSG:ucid 72 disconnected! "2Ye\#BU6  
,Ma$:6`f  
LL:B H,[  
17:10:19 MSG:ucid 73 TCP connected from IP:140.205.225.193! 46$5f?Z  
@s@r5uR9B  
7, O_'T &  
17:10:19 MSG:ucid 73:POST /j_acegi_security_check HTTP/1.1 KWd]?e)  
&0N 3 p  
Pw+cpM 8<  
17:10:19 MSG:ucid 73 disconnected! 58=fT1 B  
DuCq16'0T  
aA\v  
17:10:19 MSG:ucid 74 TCP connected from IP:140.205.225.193! \bfNki  
:]?I|.a  
Aw >DZ2  
17:10:19 MSG:ucid 74:POST /j_acegi_security_check HTTP/1.1 [dUW3}APV  
$e0sa=/  
"|&SC0*  
17:10:19 MSG:ucid 74 disconnected! h( Iti&  
glHHr  
$ABW|r  
17:10:20 MSG:ucid 75 TCP connected from IP:140.205.225.193! 6R"& !.ZF  
V>z8 *28S.  
RD,` D!  
17:10:20 MSG:ucid 75:POST /j_acegi_security_check HTTP/1.1 m[%&K W(  
%m{h1UQQ +  
 Q L  
17:10:20 MSG:ucid 75 disconnected! 3M/kfy  
k`xPf\^tf  
[?_^Cy  
17:10:20 MSG:ucid 76 TCP connected from IP:140.205.225.193! "y#$| TMB  
td{$ c6  
W!htCwnkF  
17:10:20 MSG:ucid 76:POST /j_acegi_security_check HTTP/1.1 [N.4 i" Cd  
Wc#4%kT  
{ge^&l  
17:10:20 MSG:ucid 76 disconnected! "){"{~  
yP6^& 'I+  
,n^{!^JW  
17:10:21 MSG:ucid 77 TCP connected from IP:140.205.225.193! eY;XF.mF  
8)/d8@  
2I>X]r.S!1  
17:10:21 MSG:ucid 77:POST /j_acegi_security_check HTTP/1.1 }~y i6!w'  
9x23## s  
<V>]-bl/  
17:10:21 MSG:ucid 77 disconnected! Wv8?G~>  
4ba[*R2  
4*P#3 B'@V  
17:10:21 MSG:ucid 78 TCP connected from IP:140.205.225.193! C[6} 8J|  
_<qe= hie!  
+Hgil  
17:10:21 MSG:ucid 78:POST /j_acegi_security_check HTTP/1.1 +DU^"q=  
<Z5-?wgf9  
_Dr9 w&;<  
17:10:21 MSG:ucid 78 disconnected! 3K!(/,`  
^CO{86V  
~G,_4}#"pM  
17:10:22 MSG:ucid 79 TCP connected from IP:140.205.225.193! ]l>LU2 sx  
^m~&2l\N=  
R-LMV  
17:10:22 MSG:ucid 79:POST /j_acegi_security_check HTTP/1.1 70Jx[3vr  
)0+6^[Tqq  
@ <(4J   
17:10:22 MSG:ucid 79 disconnected! g&z8t;@  
n&OM~Vs  
J/LsL k  
17:10:22 MSG:ucid 59 disconnected! t xE=AOY5  
aKjP{Z0k$  
~jC+6v  
17:10:22 MSG:ucid 80 TCP connected from IP:140.205.225.193! e[ yN  
h4Wt oE>i  
UodBK7y  
17:10:22 MSG:ucid 80:POST /j_acegi_security_check HTTP/1.1 &^2SdF  
i/j53towe  
"!+gA&  
17:10:22 MSG:ucid 80 disconnected! Lq|>n Y  
ZDg(D"  
DA1?M'N  
17:10:23 MSG:ucid 81 TCP connected from IP:140.205.225.193! e:%|.$4OG  
~8s2p%~  
+F-EgF+J  
17:10:23 MSG:ucid 81:POST /j_acegi_security_check HTTP/1.1 m9vX8;.  
pO_IUkt  
AbxhNNK  
17:10:23 MSG:ucid 81 disconnected! |lt]9>|  
|BbzRis  
`^52I kM)  
17:10:23 MSG:ucid 82 TCP connected from IP:140.205.225.193! Y{D%v  
I)tiXcJw  
1W\E`)Z}]  
17:10:23 MSG:ucid 82:POST /j_acegi_security_check HTTP/1.1 !$A/.;0$  
ki?h7  
h%:rJ_#Zl  
17:10:23 MSG:ucid 82 disconnected! L RVcf  
RN[I%^$"  
];Z6=9n  
17:10:24 MSG:ucid 83 TCP connected from IP:140.205.225.193! <XIIT-b[  
8LbwEKl  
W7^[W.  
17:10:24 MSG:ucid 83:POST /j_acegi_security_check HTTP/1.1 7 p{Pmq[  
CuWJai:nQ;  
CZ<T@k  
17:10:24 MSG:ucid 83 disconnected! DsejZ&  
H/c (m|KK  
Iko]c_W0  
17:10:24 MSG:ucid 84 TCP connected from IP:140.205.225.193! $iu[-my_  
>#w;67he2  
m[^lu1\wn  
17:10:24 MSG:ucid 84:POST /j_acegi_security_check HTTP/1.1 #;$]M4  
93>4n\  
){*+s RBW  
17:10:24 MSG:ucid 84 disconnected! flsejj$  
Fl-\{vOn  
T#) )_aC  
17:10:25 MSG:ucid 85 TCP connected from IP:140.205.225.193! 5o#JHD  
Nc;O)K!FH  
V)j[`,M:  
17:10:25 MSG:ucid 85:POST /j_acegi_security_check HTTP/1.1 zxbf h/=  
Z!)~?<gcq:  
p;O%W@n"  
17:10:25 MSG:ucid 85 disconnected! JZ:@iI5>+  
q,vWu(.  
XBQt:7[<  
17:10:25 MSG:ucid 86 TCP connected from IP:140.205.225.193! qN $t_  
T5(S2^)o  
Vw;Z0_C  
17:10:25 MSG:ucid 86:POST /j_acegi_security_check HTTP/1.1 *doNPp)m  
F5h/>  
CKYg!\g(:  
17:10:25 MSG:ucid 86 disconnected! -U d^\Yy  
,/42^|=Z6O  
`(e :H  
17:10:26 MSG:ucid 87 TCP connected from IP:140.205.225.193! @5Xo2}o-Q  
g !'R}y  
$[ {5+*  
17:10:26 MSG:ucid 87:POST /j_acegi_security_check HTTP/1.1 [#PE'i4  
eb62(:=N6  
~}Xus?e  
17:10:26 MSG:ucid 87 disconnected! Lc*>sOm9  
%;PpwI  
t" .Ytz>  
17:10:27 MSG:ucid 88 TCP connected from IP:140.205.225.193! p/.8})c1r  
;]{ee?Q^ld  
BOs/:ZbK0W  
17:10:27 MSG:ucid 88:GET /pma/index.php HTTP/1.1 RB5SK#z  
XYEwn_Y  
*{g3ia  
17:10:37 MSG:ucid 88 disconnected! U!wi;W2  
,YYEn^:>  
RK3y q$  
17:10:42 MSG:ucid 89 TCP connected from IP:140.205.225.193! 1U 6B$(V^i  
0> f!S` *  
hXW` n*Zw  
17:10:42 MSG:ucid 89:GET /pmd/index.php HTTP/1.1 ex3Qbr  
*rxr:y#Ve  
Q;M\fBQO}&  
17:10:52 MSG:ucid 89 disconnected! _plK(g-1J%  
}z3j7I  
6Rc=!_v^  
17:10:57 MSG:ucid 90 TCP connected from IP:140.205.225.193! K1& QAXyP  
9&6juL  
%)ho<z:7U  
17:10:57 MSG:ucid 90:GET /phpmyadmin/index.php HTTP/1.1 Cux(v8=n  
?jx]%n fV  
-YRIe<}E -  
17:11:07 MSG:ucid 90 disconnected! Z;BS@e  
Hbm 4oYN  
qd`e:s*%  
17:11:12 MSG:ucid 91 TCP connected from IP:140.205.225.193! {SoI;o_>  
n 8cA8<  
kaG/8G(  
17:11:12 MSG:ucid 91:GET /phpMyAdmin/index.php HTTP/1.1 FDHW' OP4  
LPk@t^[  
Q7%4`_$!  
17:11:22 MSG:ucid 91 disconnected! 6Q.S  
H4/wO  
<izQ]\kL  
17:11:27 MSG:ucid 92 TCP connected from IP:140.205.225.193! .@1+}0  
h`[$ Bp  
.RD<]BxJ  
17:11:27 MSG:ucid 92:GET /pma/index.php HTTP/1.1 UaT%tv>}8#  
_O9V"DM  
jhu &Wh  
17:11:37 MSG:ucid 92 disconnected! B(Sy.n  
R@e'=z[%1  
/:dLqyQ_V  
17:11:42 MSG:ucid 93 TCP connected from IP:140.205.225.193! [4)Oi-_Y>  
`L1,JE` q  
c*USA eP  
17:11:42 MSG:ucid 93:GET /pmd/index.php HTTP/1.1 m/HT3<F  
^r}c&@  
d;i|s[6ds`  
17:11:52 MSG:ucid 93 disconnected! ffKgVQux  
st'T._  
,'L>:pF3  
17:12:05 MSG:ucid 94 TCP connected from IP:140.205.225.193! OL'Ito  
0G%9 @^B  
)p& g!qA  
17:12:08 MSG:ucid 94 disconnected! _]:b@gXUw  
 01kRe  
/:|vJ|dJ  
17:14:33 MSG:httpsrv stop success!
[ 此帖被jiangyong在2017-05-19 17:44重新编辑 ]
级别: 小白
发帖
27
云币
31
只看该作者 沙发  发表于: 2017-05-19
Re把日志做的更详细些,终于看到了阿里扫描用户的8080端口在做什么。
基本就是这些; .1QGNW  
GET / HTTP/1.1 j cd<'\;  
GET /clusters.jsf HTTP/1.1 %-hSa~20  
GET /jenkins/ HTTP/1.1 srS!X$cec  
GET /zabbix/ HTTP/1.1 ;`AB-  
GET /solr/ HTTP/1.1 X4!93  
GET /j_acegi_security_check HTTP/1.1 VFE@qX|  
POST /j_acegi_security_check HTTP/1.1 )@]%:m!ER  
uYW4$6S 3  
GET不到j_acegi_security_check 就不断的POST,程序根本就是不支持POST命令。
级别: 小白
发帖
27
云币
31
只看该作者 板凳  发表于: 2017-05-19
Re把日志做的更详细些,终于看到了阿里扫描用户的8080端口在做什么。
17:10:27 MSG:ucid 88:GET /pma/index.php HTTP/1.1 n"iS[uj,  
17:10:57 MSG:ucid 90:GET /phpmyadmin/index.php HTTP/1.1 HDm]njF%qQ  
Mo/R+\u+Y  
GET这些又是啥子意思呢?
级别: 分析狮
发帖
1651
云币
1800
只看该作者 地板  发表于: 2017-05-20
云盾安全扫描,避免爆.破
发表主题 回复主题
« 返回列表上一主题下一主题

限100 字节
批量上传需要先选择文件,再选择上传
 
验证问题: 53 + 13 = ?
上一个 下一个