浏览 9272 次
精华帖 (1) :: 良好帖 (0) :: 灌水帖 (0) :: 隐藏帖 (0)
|
|
---|---|
作者 | 正文 |
发表时间:2009-04-21
最后修改:2009-04-26
最近这2天有用户访问JavaEye时候,会出现乱码和杀毒软件报警情况,经查发现JavaEye服务器所在网段之内某台Windows服务器被黑,该台服务器向网段内疯狂发送ARP数据包,劫持了网关。造成用户访问JavaEye服务器的时候,网关错误的把访问请求转发给了该台Windows服务器,而这台被黑的服务器会添加一小段恶意html片段,造成用户访问JavaEye的时候杀毒软件报警! JavaEye的服务器早就已经绑定了网关的IP和Mac地址,但是所在网段的网关在ARP攻击方面的安全性不好,我们今天下午已经给机房管理员通过电话,管理员表示,已经发现该台被黑的Windows服务器,并且正在重装该台服务器。 善意提醒:千万不要用Windows做网站服务器,否则害人害己 buaawhl 写道 Firefox 的可用性虽然比不上 Opera,但是提供了很多好用的插件。 Live Header Http 可以列出 HTTP Requst/Response Header. 抓到了一些来自黑掉JE机房网段病毒源网站的 HTTP Header. 请不要直接访问其中的病毒源网址。可以把那些病毒源网址加到浏览器的屏蔽列表中。 http://www.iteye.com/forums/board/Life GET /forums/board/Life HTTP/1.1 Host: www.iteye.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.9) Gecko/2009040821 Firefox/3.0.9 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-cn,zh;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: gb2312,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: remember_me=no HTTP/1.x 200 OK Content-Length: 6664 Content-Type: text/html ---------------------------------------------------------- http://dt.tongji.cn.yahoo.com/ystat.do?unit_id=1051117&uv=18464225063575729057&nuv=0&cna=&cg=0&mid=0&mmland=0&ade=0&adtm=0&sttm=0&cpa=0&ss=342877752&usn=1&ec=1&ref=http%3A//www.iteye.com/forums/board/Life&url=http%3A//xyq.djl87.cn/1/13/index.htm&dom=djl87.cn&ha=680&ft=0&nac=Netscape&agt=Mozilla/5.0%20%28Windows%3B%20U%3B%20Windows%20NT%205.1%3B%20zh-CN%3B%20rv%3A1.9.0.9%29%20Gecko/2009040821%20Firefox/3.0.9&clr=32-bit&scr=1280x800&lng=zh-cn&jvm=1&flu=&tm=1240728954&tc=8c5ed1c7&ut=0&cnu=0.006899038916998057 GET /ystat.do?unit_id=1051117&uv=18464225063575729057&nuv=0&cna=&cg=0&mid=0&mmland=0&ade=0&adtm=0&sttm=0&cpa=0&ss=342877752&usn=1&ec=1&ref=http%3A//www.iteye.com/forums/board/Life&url=http%3A//xyq.djl87.cn/1/13/index.htm&dom=djl87.cn&ha=680&ft=0&nac=Netscape&agt=Mozilla/5.0%20%28Windows%3B%20U%3B%20Windows%20NT%205.1%3B%20zh-CN%3B%20rv%3A1.9.0.9%29%20Gecko/2009040821%20Firefox/3.0.9&clr=32-bit&scr=1280x800&lng=zh-cn&jvm=1&flu=&tm=1240728954&tc=8c5ed1c7&ut=0&cnu=0.006899038916998057 HTTP/1.1 Host: dt.tongji.cn.yahoo.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.9) Gecko/2009040821 Firefox/3.0.9 Accept: */* Accept-Language: zh-cn,zh;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: gb2312,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://xyq.djl87.cn/1/13/index.htm Cookie: B=dgcsh514tu032&b=3&s=si; cna=zOtlAoUljhMBARISfHtb9MZV HTTP/1.x 200 OK Date: Sun, 26 Apr 2009 06:59:49 GMT Server: Apache/1.3.41 (Unix) PHP/5.2.9 X-Powered-By: PHP/5.2.9 Connection: close Transfer-Encoding: chunked Content-Type: text/html ---------------------------------------------------------- http://count7.51much.com/cnt.php?uid=UA-1-12898&style=text&text=%CD%F8%D5%BE%CD%B3%BC%C6 GET /cnt.php?uid=UA-1-12898&style=text&text=%CD%F8%D5%BE%CD%B3%BC%C6 HTTP/1.1 Host: count7.51much.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.9) Gecko/2009040821 Firefox/3.0.9 Accept: */* Accept-Language: zh-cn,zh;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: gb2312,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://xyq.djl87.cn/1/13/index.htm HTTP/1.x 200 OK Date: Sun, 26 Apr 2009 07:01:07 GMT Server: Apache X-Powered-By: PHP/4.4.8 Content-Length: 5887 Connection: close Content-Type: text/html ---------------------------------------------------------- http://61.129.45.194/51much/count7.php?sid=12898&vtype=2&c_lang=zh-cn&c_page=xyq.djl87.cn/1/13/index.htm&fromr=http%3A//www.iteye.com/forums/board/Life&sr=1280x800&sc=32&ce=1&uagent=Mozilla/5.0%20%28Windows%3B%20U%3B%20Windows%20NT%205.1%3B%20zh-CN%3B%20rv%3A1.9.0.9%29%20Gecko/2009040821%20Firefox/3.0.9&je=1&wpages=xyq.djl87.cn/1/13/index.htm%26%7E1240729130%5E@&a_ol=43&t_ol=43&vtimes=1&vdepth=1 GET /51much/count7.php?sid=12898&vtype=2&c_lang=zh-cn&c_page=xyq.djl87.cn/1/13/index.htm&fromr=http%3A//www.iteye.com/forums/board/Life&sr=1280x800&sc=32&ce=1&uagent=Mozilla/5.0%20%28Windows%3B%20U%3B%20Windows%20NT%205.1%3B%20zh-CN%3B%20rv%3A1.9.0.9%29%20Gecko/2009040821%20Firefox/3.0.9&je=1&wpages=xyq.djl87.cn/1/13/index.htm%26%7E1240729130%5E@&a_ol=43&t_ol=43&vtimes=1&vdepth=1 HTTP/1.1 Host: 61.129.45.194 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.9.0.9) Gecko/2009040821 Firefox/3.0.9 Accept: */* Accept-Language: zh-cn,zh;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: gb2312,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://xyq.djl87.cn/1/13/index.htm HTTP/1.x 200 OK Date: Sun, 26 Apr 2009 07:02:16 GMT Server: Apache X-Powered-By: PHP/5.2.10-dev Content-Length: 1 Connection: close Content-Type: text/html ---------------------------------------------------------- 声明:ITeye文章版权属于作者,受法律保护。没有作者书面许可不得转载。
推荐链接
|
|
返回顶楼 | |