hikhik
27-08-2007, 07:16
Cách đây không lâu, server của em bị DDOS. Server VDC nhưng cũng không chịu nổi 270 secsion cùng lúc.
Xem log truy cập thì em phát hiện kiểu request khá lạ. Em gửi lên đây mong các anh chỉ cho em xem đây là kiểu gì:
64.119.61.85 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=274&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=374&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=82&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=351&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=45&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=81&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=83&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=261&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=83&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=719&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=82&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=351&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=454&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=719&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=274&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=261&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=45&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=454&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=81&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=374&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=374&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=274&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=82&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=45&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=83&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=351&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=81&%0F=1 HTTP/1.1" 200 79
Server của em bị X-Flash, lúc view log em có truy ra đc địa chỉ đặt file Flash nhưng không làm gì đc. Em cứ thắc mắc mãi về cái request này. Thử đặt nó vào Address thì không có gì đặc biệt, nó về index. Liệu nó có ảnh hưởng gì, hay chỉ là 1 request bình thường.
Cảm ơn các anh.
Xem log truy cập thì em phát hiện kiểu request khá lạ. Em gửi lên đây mong các anh chỉ cho em xem đây là kiểu gì:
64.119.61.85 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=274&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=374&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=82&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=351&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:02:59 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=45&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=81&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=83&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=261&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=83&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=719&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=82&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=351&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=454&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:00 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=719&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=274&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=261&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=45&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=454&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=81&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=374&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=374&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=274&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=82&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=45&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:01 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=83&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=351&%0F=1 HTTP/1.1" 200 79
68.33.91.20 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=481&%0F=1 HTTP/1.1" 200 79
64.119.61.85 - - [15/Aug/2007:01:03:02 +0700] "GET /forum/index.php?%01%02=%5Btype+Function%5D&%01=81&%0F=1 HTTP/1.1" 200 79
Server của em bị X-Flash, lúc view log em có truy ra đc địa chỉ đặt file Flash nhưng không làm gì đc. Em cứ thắc mắc mãi về cái request này. Thử đặt nó vào Address thì không có gì đặc biệt, nó về index. Liệu nó có ảnh hưởng gì, hay chỉ là 1 request bình thường.
Cảm ơn các anh.