日期:2014-05-17  浏览次数:20944 次

大家帮我看看黑客是通过什么漏洞攻击服务器的??(紧急)
大家帮我看看黑客是通过什么漏洞攻击服务器的??(紧急)
2010-01-24 16:23:59 63.185.215.56 PUT /jsky_test.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:08 63.185.215.56 PUT /jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:18 63.185.215.56 PUT /CJ/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:26 63.185.215.56 PUT /xin/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:33 63.185.215.56 PUT /fz/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-24 16:24:36 63.185.215.56 PUT /data/jsky_web_scanner_test_file.txt - 80 - 222.75.167.134 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+.NET+CLR+2.0.50727)+NOSEC.JSky/1.0 501 0 0
2010-01-26 09:40:52 63.185.215.56 PUT /formytest.htm - 80 - 202.75.223.250 Mozilla/4.0+(compatible;+MSIE+6.0;+Win32) 501 0 0
2010-01-26 10:26:00 63.185.215.56 PUT /oto.htm - 80 - 78.165.83.227 Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1 501 0 0

2010-01-28 10:55:57 63.185.215.56 PUT /oto.htm - 80 - 78.165.95.64 Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1 501 0 0
2010-01-29 15:01:41 63.185.215.56 PUT /vupmeatsy.txt - 80 - 88.254.120.133 Microsoft+Data+Access+Internet+Publishing+Provider+DAV+1.1 501 0 0
2010-01-29 17:14:00 63.185.215.56 PUT /test_9462.html - 80 - 124.115.170.4 Mozilla/5.0+(X11;+U;+Linux;+C+-)+AppleWebKit/523.15+(KHTML,+like+Gecko,+Safari/419.3)+Qt/4.4.3 501 0 0
2010-01-29 17:14:32 63.185.215.56 PUT /fz/test_8270.html - 80 - 124.115.170.4 Mozilla/5.0+(X11;+U;+Linux;+C+-)+AppleWebKit/523.15+(KHTML,+like+Gecko,+Safari/419.3)+Qt/4.4.3 501 0 0

------解决方案--------------------
这个日志是你系统获得的?

貌似黑客是运用了iiscan这个软件 对你的web进行扫描的。

有关于这个软件 http://www.iiscan.com/

最近新出的一个软件 !很多认识的玩黑的朋友貌似都在实验这个玩意!
------解决方案--------------------
这个是WEB端口扫描的结果 扫描端口为80端口 尝试通过80端口测试 数据库后台结构吧~ jsky_web_scanner