編集履歴

質問編集履歴

追記

2019/10/29 05:16

投稿

kitamura472

スコア7

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -33,3 +33,13 @@
 123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
 123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+---------------------- ご質問に関しての追記 ---------------------
+犯人が攻撃している部分はindex.htmlであり、ただの静的なページになります。パラメータも付いていない点、PHPなども含まれておらず、apacheかそれよりも前の脆弱性を狙っているものと推測しております。

数値を修正

2019/10/29 05:16

投稿

kitamura472

スコア7

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -14,7 +14,7 @@
-アクセスログには以下のような記録が残ります。1分くらい攻撃を受けると408が400に変わります。(※IPやドメイン名は例です）
+アクセスログには以下のような記録が大量に残ります(1万行くらい)。1分くらい攻撃を受けると408が400に変わります。(※IPやドメイン名は例です）

最初の投稿内容に誤記がありました。

2019/10/29 00:57

投稿

kitamura472

スコア7

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -14,36 +14,22 @@
-アクセスログには以下のような記録が残ります。(IPやドメイン名は例です）
+アクセスログには以下のような記録が残ります。1分くらい攻撃を受けると408が400に変わります。(※IPやドメイン名は例です）
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
-123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
+123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"