把日志做的更详细些,终于看到了阿里扫描用户的8080端口在做什么。
自己写了一个简易的http协议升级wesocket协议,绑定到8080端口,又不是标准的http协议80端口,为何阿里要用http协议来扫描8080端口。下面是记录的日志(只开了10分钟):
17:01:39 MSG:ucid 1 TCP connected from IP:120.132.3.151!
17:01:39 MSG:ucid 2 TCP connected from IP:120.132.3.151!
17:01:39 MSG:ucid 3 TCP connected from IP:120.132.3.151!
17:01:39 MSG:ucid 3:GET http://www.qq.com/404/search_children.js HTTP/1.1
17:01:39 MSG:ucid 3 disconnected!
17:01:44 MSG:ucid 1 disconnected!
17:01:44 MSG:ucid 2 disconnected!
17:08:08 MSG:ucid 4 TCP connected from IP:140.205.225.193!
17:08:08 MSG:ucid 4:GET / HTTP/1.1
17:08:08 MSG:ucid 4 disconnected!
17:08:14 MSG:ucid 5 TCP connected from IP:140.205.225.193!
17:08:14 MSG:ucid 5:GET / HTTP/1.1
17:08:14 MSG:ucid 5 disconnected!
17:08:34 MSG:ucid 6 TCP connected from IP:140.205.225.193!
17:08:34 MSG:ucid 6:GET / HTTP/1.1
17:08:34 MSG:ucid 6 disconnected!
17:08:38 MSG:ucid 7 TCP connected from IP:140.205.225.193!
17:08:38 MSG:ucid 7:GET /clusters.jsf HTTP/1.1
17:08:38 MSG:ucid 7 disconnected!
17:09:16 MSG:ucid 8 TCP connected from IP:140.205.225.193!
17:09:16 MSG:ucid 8:GET / HTTP/1.1
17:09:16 MSG:ucid 8 disconnected!
17:09:17 MSG:ucid 9 TCP connected from IP:140.205.225.193!
17:09:17 MSG:ucid 9:GET /jenkins/ HTTP/1.1
17:09:17 MSG:ucid 9 disconnected!
17:09:18 MSG:ucid 10 TCP connected from IP:140.205.225.193!
17:09:18 MSG:ucid 10:GET /zabbix/ HTTP/1.1
17:09:18 MSG:ucid 10 disconnected!
17:09:18 MSG:ucid 11 TCP connected from IP:140.205.225.193!
17:09:18 MSG:ucid 11:GET / HTTP/1.1
17:09:19 MSG:ucid 11 disconnected!
17:09:20 MSG:ucid 12 TCP connected from IP:140.205.225.193!
17:09:20 MSG:ucid 12:GET / HTTP/1.1
17:09:20 MSG:ucid 12 disconnected!
17:09:20 MSG:ucid 13 TCP connected from IP:140.205.225.193!
17:09:20 MSG:ucid 13:GET /solr/ HTTP/1.1
17:09:20 MSG:ucid 13 disconnected!
17:09:50 MSG:ucid 14 TCP connected from IP:140.205.225.193!
17:09:50 MSG:ucid 14:GET /j_acegi_security_check HTTP/1.1
17:09:50 MSG:ucid 14 disconnected!
17:09:50 MSG:ucid 15 TCP connected from IP:140.205.225.193!
17:09:50 MSG:ucid 15:POST /j_acegi_security_check HTTP/1.1
17:09:50 MSG:ucid 15 disconnected!
17:09:51 MSG:ucid 16 TCP connected from IP:140.205.225.193!
17:09:51 MSG:ucid 16:POST /j_acegi_security_check HTTP/1.1
17:09:51 MSG:ucid 16 disconnected!
17:09:51 MSG:ucid 17 TCP connected from IP:140.205.225.193!
17:09:51 MSG:ucid 17:POST /j_acegi_security_check HTTP/1.1
17:09:51 MSG:ucid 17 disconnected!
17:09:52 MSG:ucid 18 TCP connected from IP:140.205.225.193!
17:09:52 MSG:ucid 18:POST /j_acegi_security_check HTTP/1.1
17:09:52 MSG:ucid 18 disconnected!
17:09:52 MSG:ucid 19 TCP connected from IP:140.205.225.193!
17:09:52 MSG:ucid 19:POST /j_acegi_security_check HTTP/1.1
17:09:52 MSG:ucid 19 disconnected!
17:09:53 MSG:ucid 20 TCP connected from IP:140.205.225.193!
17:09:53 MSG:ucid 20:POST /j_acegi_security_check HTTP/1.1
17:09:53 MSG:ucid 20 disconnected!
17:09:53 MSG:ucid 21 TCP connected from IP:140.205.225.193!
17:09:53 MSG:ucid 21:POST /j_acegi_security_check HTTP/1.1
17:09:53 MSG:ucid 21 disconnected!
17:09:54 MSG:ucid 22 TCP connected from IP:140.205.225.193!
17:09:54 MSG:ucid 22:POST /j_acegi_security_check HTTP/1.1
17:09:54 MSG:ucid 22 disconnected!
17:09:54 MSG:ucid 23 TCP connected from IP:140.205.225.193!
17:09:54 MSG:ucid 23:POST /j_acegi_security_check HTTP/1.1
17:09:54 MSG:ucid 23 disconnected!
17:09:55 MSG:ucid 24 TCP connected from IP:140.205.225.193!
17:09:55 MSG:ucid 24:POST /j_acegi_security_check HTTP/1.1
17:09:55 MSG:ucid 24 disconnected!
17:09:55 MSG:ucid 25 TCP connected from IP:140.205.225.193!
17:09:55 MSG:ucid 25:POST /j_acegi_security_check HTTP/1.1
17:09:55 MSG:ucid 25 disconnected!
17:09:56 MSG:ucid 26 TCP connected from IP:140.205.225.193!
17:09:56 MSG:ucid 26:POST /j_acegi_security_check HTTP/1.1
17:09:56 MSG:ucid 26 disconnected!
17:09:56 MSG:ucid 27 TCP connected from IP:140.205.225.193!
17:09:56 MSG:ucid 27:POST /j_acegi_security_check HTTP/1.1
17:09:56 MSG:ucid 27 disconnected!
17:09:57 MSG:ucid 28 TCP connected from IP:140.205.225.193!
17:09:57 MSG:ucid 28:POST /j_acegi_security_check HTTP/1.1
17:09:57 MSG:ucid 28 disconnected!
17:09:57 MSG:ucid 29 TCP connected from IP:140.205.225.193!
17:09:57 MSG:ucid 29:GET /phpmyadmin/index.php HTTP/1.1
17:09:57 MSG:ucid 30 TCP connected from IP:140.205.225.193!
17:09:57 MSG:ucid 30:POST /j_acegi_security_check HTTP/1.1
17:09:57 MSG:ucid 30 disconnected!
17:09:58 MSG:ucid 31 TCP connected from IP:140.205.225.193!
17:09:58 MSG:ucid 31:POST /j_acegi_security_check HTTP/1.1
17:09:58 MSG:ucid 31 disconnected!
17:09:58 MSG:ucid 32 TCP connected from IP:140.205.225.193!
17:09:58 MSG:ucid 32:POST /j_acegi_security_check HTTP/1.1
17:09:58 MSG:ucid 32 disconnected!
17:09:59 MSG:ucid 33 TCP connected from IP:140.205.225.193!
17:09:59 MSG:ucid 33:POST /j_acegi_security_check HTTP/1.1
17:09:59 MSG:ucid 33 disconnected!
17:09:59 MSG:ucid 34 TCP connected from IP:140.205.225.193!
17:09:59 MSG:ucid 34:POST /j_acegi_security_check HTTP/1.1
17:09:59 MSG:ucid 34 disconnected!
17:10:00 MSG:ucid 35 TCP connected from IP:140.205.225.193!
17:10:00 MSG:ucid 35:POST /j_acegi_security_check HTTP/1.1
17:10:00 MSG:ucid 35 disconnected!
17:10:00 MSG:ucid 36 TCP connected from IP:140.205.225.193!
17:10:00 MSG:ucid 36:POST /j_acegi_security_check HTTP/1.1
17:10:00 MSG:ucid 36 disconnected!
17:10:01 MSG:ucid 37 TCP connected from IP:140.205.225.193!
17:10:01 MSG:ucid 37:POST /j_acegi_security_check HTTP/1.1
17:10:01 MSG:ucid 37 disconnected!
17:10:01 MSG:ucid 38 TCP connected from IP:140.205.225.193!
17:10:01 MSG:ucid 38:POST /j_acegi_security_check HTTP/1.1
17:10:01 MSG:ucid 38 disconnected!
17:10:02 MSG:ucid 39 TCP connected from IP:140.205.225.193!
17:10:02 MSG:ucid 39:POST /j_acegi_security_check HTTP/1.1
17:10:02 MSG:ucid 39 disconnected!
17:10:02 MSG:ucid 40 TCP connected from IP:140.205.225.193!
17:10:02 MSG:ucid 40:POST /j_acegi_security_check HTTP/1.1
17:10:02 MSG:ucid 40 disconnected!
17:10:03 MSG:ucid 41 TCP connected from IP:140.205.225.193!
17:10:03 MSG:ucid 41:POST /j_acegi_security_check HTTP/1.1
17:10:03 MSG:ucid 41 disconnected!
17:10:03 MSG:ucid 42 TCP connected from IP:140.205.225.193!
17:10:03 MSG:ucid 42:POST /j_acegi_security_check HTTP/1.1
17:10:03 MSG:ucid 42 disconnected!
17:10:04 MSG:ucid 43 TCP connected from IP:140.205.225.193!
17:10:04 MSG:ucid 43:POST /j_acegi_security_check HTTP/1.1
17:10:04 MSG:ucid 43 disconnected!
17:10:04 MSG:ucid 44 TCP connected from IP:140.205.225.193!
17:10:04 MSG:ucid 44:POST /j_acegi_security_check HTTP/1.1
17:10:04 MSG:ucid 44 disconnected!
17:10:05 MSG:ucid 45 TCP connected from IP:140.205.225.193!
17:10:05 MSG:ucid 45:POST /j_acegi_security_check HTTP/1.1
17:10:05 MSG:ucid 45 disconnected!
17:10:05 MSG:ucid 46 TCP connected from IP:140.205.225.193!
17:10:05 MSG:ucid 46:POST /j_acegi_security_check HTTP/1.1
17:10:05 MSG:ucid 46 disconnected!
17:10:06 MSG:ucid 47 TCP connected from IP:140.205.225.193!
17:10:06 MSG:ucid 47:POST /j_acegi_security_check HTTP/1.1
17:10:06 MSG:ucid 47 disconnected!
17:10:06 MSG:ucid 48 TCP connected from IP:140.205.225.193!
17:10:06 MSG:ucid 48:POST /j_acegi_security_check HTTP/1.1
17:10:06 MSG:ucid 48 disconnected!
17:10:07 MSG:ucid 49 TCP connected from IP:140.205.225.193!
17:10:07 MSG:ucid 49:POST /j_acegi_security_check HTTP/1.1
17:10:07 MSG:ucid 49 disconnected!
17:10:07 MSG:ucid 29 disconnected!
17:10:07 MSG:ucid 50 TCP connected from IP:140.205.225.193!
17:10:07 MSG:ucid 50:POST /j_acegi_security_check HTTP/1.1
17:10:07 MSG:ucid 50 disconnected!
17:10:08 MSG:ucid 51 TCP connected from IP:140.205.225.193!
17:10:08 MSG:ucid 51:GET /j_acegi_security_check HTTP/1.1
17:10:08 MSG:ucid 51 disconnected!
17:10:09 MSG:ucid 52 TCP connected from IP:140.205.225.193!
17:10:09 MSG:ucid 52:POST /j_acegi_security_check HTTP/1.1
17:10:09 MSG:ucid 52 disconnected!
17:10:09 MSG:ucid 53 TCP connected from IP:140.205.225.193!
17:10:09 MSG:ucid 53:POST /j_acegi_security_check HTTP/1.1
17:10:09 MSG:ucid 53 disconnected!
17:10:10 MSG:ucid 54 TCP connected from IP:140.205.225.193!
17:10:10 MSG:ucid 54:POST /j_acegi_security_check HTTP/1.1
17:10:10 MSG:ucid 54 disconnected!
17:10:10 MSG:ucid 55 TCP connected from IP:140.205.225.193!
17:10:10 MSG:ucid 55:POST /j_acegi_security_check HTTP/1.1
17:10:10 MSG:ucid 55 disconnected!
17:10:11 MSG:ucid 56 TCP connected from IP:140.205.225.193!
17:10:11 MSG:ucid 56:POST /j_acegi_security_check HTTP/1.1
17:10:11 MSG:ucid 56 disconnected!
17:10:11 MSG:ucid 57 TCP connected from IP:140.205.225.193!
17:10:11 MSG:ucid 57:POST /j_acegi_security_check HTTP/1.1
17:10:11 MSG:ucid 57 disconnected!
17:10:12 MSG:ucid 58 TCP connected from IP:140.205.225.193!
17:10:12 MSG:ucid 58:POST /j_acegi_security_check HTTP/1.1
17:10:12 MSG:ucid 58 disconnected!
17:10:12 MSG:ucid 59 TCP connected from IP:140.205.225.193!
17:10:12 MSG:ucid 59:GET /phpMyAdmin/index.php HTTP/1.1
17:10:12 MSG:ucid 60 TCP connected from IP:140.205.225.193!
17:10:12 MSG:ucid 60:POST /j_acegi_security_check HTTP/1.1
17:10:12 MSG:ucid 60 disconnected!
17:10:13 MSG:ucid 61 TCP connected from IP:140.205.225.193!
17:10:13 MSG:ucid 61:POST /j_acegi_security_check HTTP/1.1
17:10:13 MSG:ucid 61 disconnected!
17:10:13 MSG:ucid 62 TCP connected from IP:140.205.225.193!
17:10:13 MSG:ucid 62:POST /j_acegi_security_check HTTP/1.1
17:10:13 MSG:ucid 62 disconnected!
17:10:14 MSG:ucid 63 TCP connected from IP:140.205.225.193!
17:10:14 MSG:ucid 63:POST /j_acegi_security_check HTTP/1.1
17:10:14 MSG:ucid 63 disconnected!
17:10:14 MSG:ucid 64 TCP connected from IP:140.205.225.193!
17:10:14 MSG:ucid 64:POST /j_acegi_security_check HTTP/1.1
17:10:14 MSG:ucid 64 disconnected!
17:10:15 MSG:ucid 65 TCP connected from IP:140.205.225.193!
17:10:15 MSG:ucid 65:POST /j_acegi_security_check HTTP/1.1
17:10:15 MSG:ucid 65 disconnected!
17:10:15 MSG:ucid 66 TCP connected from IP:140.205.225.193!
17:10:15 MSG:ucid 66:POST /j_acegi_security_check HTTP/1.1
17:10:15 MSG:ucid 66 disconnected!
17:10:16 MSG:ucid 67 TCP connected from IP:140.205.225.193!
17:10:16 MSG:ucid 67:POST /j_acegi_security_check HTTP/1.1
17:10:16 MSG:ucid 67 disconnected!
17:10:16 MSG:ucid 68 TCP connected from IP:140.205.225.193!
17:10:16 MSG:ucid 68:POST /j_acegi_security_check HTTP/1.1
17:10:16 MSG:ucid 68 disconnected!
17:10:17 MSG:ucid 69 TCP connected from IP:140.205.225.193!
17:10:17 MSG:ucid 69:POST /j_acegi_security_check HTTP/1.1
17:10:17 MSG:ucid 69 disconnected!
17:10:17 MSG:ucid 70 TCP connected from IP:140.205.225.193!
17:10:17 MSG:ucid 70:POST /j_acegi_security_check HTTP/1.1
17:10:17 MSG:ucid 70 disconnected!
17:10:18 MSG:ucid 71 TCP connected from IP:140.205.225.193!
17:10:18 MSG:ucid 71:POST /j_acegi_security_check HTTP/1.1
17:10:18 MSG:ucid 71 disconnected!
17:10:18 MSG:ucid 72 TCP connected from IP:140.205.225.193!
17:10:18 MSG:ucid 72:POST /j_acegi_security_check HTTP/1.1
17:10:18 MSG:ucid 72 disconnected!
17:10:19 MSG:ucid 73 TCP connected from IP:140.205.225.193!
17:10:19 MSG:ucid 73:POST /j_acegi_security_check HTTP/1.1
17:10:19 MSG:ucid 73 disconnected!
17:10:19 MSG:ucid 74 TCP connected from IP:140.205.225.193!
17:10:19 MSG:ucid 74:POST /j_acegi_security_check HTTP/1.1
17:10:19 MSG:ucid 74 disconnected!
17:10:20 MSG:ucid 75 TCP connected from IP:140.205.225.193!
17:10:20 MSG:ucid 75:POST /j_acegi_security_check HTTP/1.1
17:10:20 MSG:ucid 75 disconnected!
17:10:20 MSG:ucid 76 TCP connected from IP:140.205.225.193!
17:10:20 MSG:ucid 76:POST /j_acegi_security_check HTTP/1.1
17:10:20 MSG:ucid 76 disconnected!
17:10:21 MSG:ucid 77 TCP connected from IP:140.205.225.193!
17:10:21 MSG:ucid 77:POST /j_acegi_security_check HTTP/1.1
17:10:21 MSG:ucid 77 disconnected!
17:10:21 MSG:ucid 78 TCP connected from IP:140.205.225.193!
17:10:21 MSG:ucid 78:POST /j_acegi_security_check HTTP/1.1
17:10:21 MSG:ucid 78 disconnected!
17:10:22 MSG:ucid 79 TCP connected from IP:140.205.225.193!
17:10:22 MSG:ucid 79:POST /j_acegi_security_check HTTP/1.1
17:10:22 MSG:ucid 79 disconnected!
17:10:22 MSG:ucid 59 disconnected!
17:10:22 MSG:ucid 80 TCP connected from IP:140.205.225.193!
17:10:22 MSG:ucid 80:POST /j_acegi_security_check HTTP/1.1
17:10:22 MSG:ucid 80 disconnected!
17:10:23 MSG:ucid 81 TCP connected from IP:140.205.225.193!
17:10:23 MSG:ucid 81:POST /j_acegi_security_check HTTP/1.1
17:10:23 MSG:ucid 81 disconnected!
17:10:23 MSG:ucid 82 TCP connected from IP:140.205.225.193!
17:10:23 MSG:ucid 82:POST /j_acegi_security_check HTTP/1.1
17:10:23 MSG:ucid 82 disconnected!
17:10:24 MSG:ucid 83 TCP connected from IP:140.205.225.193!
17:10:24 MSG:ucid 83:POST /j_acegi_security_check HTTP/1.1
17:10:24 MSG:ucid 83 disconnected!
17:10:24 MSG:ucid 84 TCP connected from IP:140.205.225.193!
17:10:24 MSG:ucid 84:POST /j_acegi_security_check HTTP/1.1
17:10:24 MSG:ucid 84 disconnected!
17:10:25 MSG:ucid 85 TCP connected from IP:140.205.225.193!
17:10:25 MSG:ucid 85:POST /j_acegi_security_check HTTP/1.1
17:10:25 MSG:ucid 85 disconnected!
17:10:25 MSG:ucid 86 TCP connected from IP:140.205.225.193!
17:10:25 MSG:ucid 86:POST /j_acegi_security_check HTTP/1.1
17:10:25 MSG:ucid 86 disconnected!
17:10:26 MSG:ucid 87 TCP connected from IP:140.205.225.193!
17:10:26 MSG:ucid 87:POST /j_acegi_security_check HTTP/1.1
17:10:26 MSG:ucid 87 disconnected!
17:10:27 MSG:ucid 88 TCP connected from IP:140.205.225.193!
17:10:27 MSG:ucid 88:GET /pma/index.php HTTP/1.1
17:10:37 MSG:ucid 88 disconnected!
17:10:42 MSG:ucid 89 TCP connected from IP:140.205.225.193!
17:10:42 MSG:ucid 89:GET /pmd/index.php HTTP/1.1
17:10:52 MSG:ucid 89 disconnected!
17:10:57 MSG:ucid 90 TCP connected from IP:140.205.225.193!
17:10:57 MSG:ucid 90:GET /phpmyadmin/index.php HTTP/1.1
17:11:07 MSG:ucid 90 disconnected!
17:11:12 MSG:ucid 91 TCP connected from IP:140.205.225.193!
17:11:12 MSG:ucid 91:GET /phpMyAdmin/index.php HTTP/1.1
17:11:22 MSG:ucid 91 disconnected!
17:11:27 MSG:ucid 92 TCP connected from IP:140.205.225.193!
17:11:27 MSG:ucid 92:GET /pma/index.php HTTP/1.1
17:11:37 MSG:ucid 92 disconnected!
17:11:42 MSG:ucid 93 TCP connected from IP:140.205.225.193!
17:11:42 MSG:ucid 93:GET /pmd/index.php HTTP/1.1
17:11:52 MSG:ucid 93 disconnected!
17:12:05 MSG:ucid 94 TCP connected from IP:140.205.225.193!
17:12:08 MSG:ucid 94 disconnected!
17:14:33 MSG:httpsrv stop success!
写回答
-
Re把日志做的更详细些,终于看到了阿里扫描用户的8080端口在做什么。基本就是这些;
GET / HTTP/1.1
GET /clusters.jsf HTTP/1.1
GET /jenkins/ HTTP/1.1
GET /zabbix/ HTTP/1.1
GET /solr/ HTTP/1.1
GET /j_acegi_security_check HTTP/1.1
POST /j_acegi_security_check HTTP/1.1
GET不到j_acegi_security_check 就不断的POST,程序根本就是不支持POST命令。-------------------------
Re把日志做的更详细些,终于看到了阿里扫描用户的8080端口在做什么。17:10:27 MSG:ucid 88:GET /pma/index.php HTTP/1.1
17:10:57 MSG:ucid 90:GET /phpmyadmin/index.php HTTP/1.1
GET这些又是啥子意思呢?2017-05-19 17:54:16赞同 展开评论 打赏
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。
相关文章
相关电子书
更多
