
March 22, 2005

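Hackers

From 21/Mar/2005:05:16:15 until the site was shut down at 2 p.m. for excessive traffic, a dozen or so IPs requested the same image on this site, "trance_planet_1.jpg" (since deleted), every second. This produced 2G of total traffic, which exceeded 51.net's traffic limit, and the site was shut down.

The site got hacked. For a moment it actually felt like winning the lottery: a mere BLOG like mine, and hackers took the trouble to drop by, which goes to show... that 51.net's servers are really far too insecure. This is how they answered my complaint: "We are only responsible for providing space and cannot judge whether a visit is malicious. If you do not want your site shut down for exceeding the traffic limit, please join the DIY吧 (an IE toolbar plug-in) promotion alliance, and you will not have traffic problems again."

Could the experts out there advise how a website can block the following illegitimate requests?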

sunsethouse.apro-g.com 219.134.87.129 - - [21/Mar/2005:05:16:15 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 212.159.119.60 - - [21/Mar/2005:05:16:18 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 219.95.192.239 - - [21/Mar/2005:05:16:21 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 61.188.170.127 - - [21/Mar/2005:05:16:22 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 67.71.43.159 - - [21/Mar/2005:05:16:25 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -

sunsethouse.apro-g.com 80.238.12.30 - - [21/Mar/2005:05:16:27 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 218.5.46.42 - - [21/Mar/2005:05:16:29 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 219.95.192.239 - - [21/Mar/2005:05:16:32 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 206 14699 -
sunsethouse.apro-g.com 61.229.220.64 - - [21/Mar/2005:05:16:32 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 24.43.170.71 - - [21/Mar/2005:05:16:33 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 217.162.7.50 - - [21/Mar/2005:05:16:34 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 159.101.35.183 - - [21/Mar/2005:05:16:35 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 219.233.66.40 - - [21/Mar/2005:05:16:35 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 219.159.159.49 - - [21/Mar/2005:05:16:35 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 219.232.40.10 - - [21/Mar/2005:05:16:36 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 61.138.77.38 - - [21/Mar/2005:05:16:37 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 218.168.179.24 - - [21/Mar/2005:05:16:38 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 80.98.35.227 - - [21/Mar/2005:05:16:40 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 219.132.255.229 - - [21/Mar/2005:05:16:41 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 69.226.215.118 - - [21/Mar/2005:05:16:41 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 193.63.48.48 - - [21/Mar/2005:05:16:42 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.0" 200 17325 -
sunsethouse.apro-g.com 220.163.199.191 - - [21/Mar/2005:05:16:42 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -
sunsethouse.apro-g.com 202.107.196.206 - - [21/Mar/2005:05:16:42 +0800] "GET /archives/images/trance_planet_1.jpg HTTP/1.1" 200 17325 -

Posted by david at March 22, 2005 10:44 AM
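Before deciding what to block, the log itself can show which object is draining the quota. The following is an added example, not part of the original post: it parses the log layout shown above and flags any path that takes most of the bytes sent while being requested by many distinct clients. The function name `hot_objects`, the thresholds `min_share` and `min_ips`, and the last three sample lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Field layout of the log in the post: vhost, client IP, two "-" fields,
# [timestamp], "request line", status, bytes sent, trailing "-".
LINE = re.compile(r'^\S+ (?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"\S+ (?P<path>\S+)[^"]*" \d{3} (?P<size>\d+|-)')
HOST = "sunsethouse.apro-g.com"
IMG = '"GET /archives/images/trance_planet_1.jpg HTTP/1.1"'
# Six image requests taken from the post; the last three lines are constructed.
SAMPLE = [
    f'{HOST} 219.134.87.129 - - [21/Mar/2005:05:16:15 +0800] {IMG} 200 17325 -',
    f'{HOST} 212.159.119.60 - - [21/Mar/2005:05:16:18 +0800] {IMG} 200 17325 -',
    f'{HOST} 219.95.192.239 - - [21/Mar/2005:05:16:21 +0800] {IMG} 200 17325 -',
    f'{HOST} 61.188.170.127 - - [21/Mar/2005:05:16:22 +0800] {IMG} 200 17325 -',
    f'{HOST} 67.71.43.159 - - [21/Mar/2005:05:16:25 +0800] {IMG} 200 17325 -',
    f'{HOST} 219.95.192.239 - - [21/Mar/2005:05:16:32 +0800] {IMG} 206 14699 -',
    f'{HOST} 192.0.2.10 - - [21/Mar/2005:05:16:20 +0800] "GET /index.html HTTP/1.1" 200 5120 -',
    f'{HOST} 192.0.2.11 - - [21/Mar/2005:05:16:30 +0800] "GET /about.html HTTP/1.1" 200 8000 -',
    'not a log line',
]

def hot_objects(lines, min_share=0.5, min_ips=5):
    """Paths that account for >= min_share of bytes sent, from >= min_ips clients."""
    stats = defaultdict(lambda: {"hits": 0, "bytes": 0, "ips": set(), "times": []})
    total = 0
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that do not follow the layout above
        size = 0 if m["size"] == "-" else int(m["size"])
        s = stats[m["path"]]
        s["hits"] += 1
        s["bytes"] += size
        s["ips"].add(m["ip"])
        s["times"].append(datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"))
        total += size
    flagged = []
    for path, s in stats.items():
        if not total or s["bytes"] / total < min_share or len(s["ips"]) < min_ips:
            continue
        secs = max(int((max(s["times"]) - min(s["times"])).total_seconds()), 1)
        flagged.append({"path": path, "hits": s["hits"], "clients": len(s["ips"]),
                        "bytes": s["bytes"], "bytes_per_hour": s["bytes"] * 3600 // secs})
    return sorted(flagged, key=lambda f: f["bytes"], reverse=True)

if __name__ == "__main__":
    print(hot_objects(SAMPLE))
```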


Comments

What does your website mainly do?

Posted by: 高鹏 at March 23, 2005 08:20 PM

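DDOS? If you don't have network administrator privileges, defending against DDOS is very difficult. Besides, this should be one of the network administrator's responsibilities in the first place; although it can't be prevented completely, doing some blocking and rate limiting is not a very difficult thing.

-------------
david: 51.net takes the view that they only provide space and are not responsible for checking whether requests are malicious.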

Posted by: handmade at March 23, 2005 03:58 PM
