質問編集履歴
3
追記
test
CHANGED
File without changes
|
test
CHANGED
@@ -33,3 +33,13 @@
|
|
33
33
|
123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
34
34
|
|
35
35
|
123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
36
|
+
|
37
|
+
|
38
|
+
|
39
|
+
|
40
|
+
|
41
|
+
|
42
|
+
|
43
|
+
---------------------- ご質問に関しての追記 ---------------------
|
44
|
+
|
45
|
+
犯人が攻撃している部分はindex.htmlであり、ただの静的なページになります。パラメータも付いていない点、PHPなども含まれておらず、apacheかそれよりも前の脆弱性を狙っているものと推測しております。
|
2
数値を修正
test
CHANGED
File without changes
|
test
CHANGED
@@ -14,7 +14,7 @@
|
|
14
14
|
|
15
15
|
|
16
16
|
|
17
|
-
アクセスログには以下のような記録が残ります。1分くらい攻撃を受けると408が400に変わります。(※IPやドメイン名は例です)
|
17
|
+
アクセスログには以下のような記録が大量に残ります(1万行くらい)。1分くらい攻撃を受けると408が400に変わります。(※IPやドメイン名は例です)
|
18
18
|
|
19
19
|
|
20
20
|
|
1
最初の投稿内容に誤記がありました。
test
CHANGED
File without changes
|
test
CHANGED
@@ -14,36 +14,22 @@
|
|
14
14
|
|
15
15
|
|
16
16
|
|
17
|
-
アクセスログには以下のような記録が残ります。(IPやドメイン名は例です)
|
17
|
+
アクセスログには以下のような記録が残ります。1分くらい攻撃を受けると408が400に変わります。(※IPやドメイン名は例です)
|
18
18
|
|
19
19
|
|
20
20
|
|
21
|
-
123.
|
21
|
+
123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
22
22
|
|
23
|
-
123.
|
23
|
+
123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
24
24
|
|
25
|
-
123.
|
25
|
+
123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
26
26
|
|
27
|
-
123.
|
27
|
+
123.456.789.12 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
28
28
|
|
29
|
-
123.
|
29
|
+
123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
30
30
|
|
31
|
-
123.
|
31
|
+
123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
32
32
|
|
33
|
-
123.
|
33
|
+
123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
34
34
|
|
35
|
-
123.
|
36
|
-
|
37
|
-
123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
38
|
-
|
39
|
-
123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
40
|
-
|
41
|
-
123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
42
|
-
|
43
|
-
123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
44
|
-
|
45
|
-
123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
46
|
-
|
47
|
-
123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
48
|
-
|
49
|
-
123.104.156.15 - - [26/Oct/2019:13:11:37 +0900] "GET http://exsample.com HTTP/1.1" 408 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|
35
|
+
123.456.789.12 - - [26/Oct/2019:13:12:37 +0900] "GET http://exsample.com HTTP/1.1" 400 226 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
|