banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register  
[Login] Loginhttp  | https  ]
 
Forum Index Thảo luận bảo mật xác định dùm e kiểu ddos này là kiểu gì lạ quá?  XML
  [Question]   xác định dùm e kiểu ddos này là kiểu gì lạ quá? 03/04/2010 16:30:51 (+0700) | #1 | 208370
sayke1987
Member

[Minus]    0    [Plus]
Joined: 13/03/2008 16:00:22
Messages: 8
Offline
[Profile] [PM]
mình vừa bị ddos nữa và lưu được log như sau

2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0 


thấy nó có chú thích là megaupload + alexa toobar

có cách nào ngăn kiểu ddos này ko mấy anh
[Up] [Print Copy]
  [Question]   xác định dùm e kiểu ddos này là kiểu gì lạ quá? 04/04/2010 04:19:01 (+0700) | #2 | 208394
[Avatar]
conmale
Administrator

Joined: 07/05/2004 23:43:15
Messages: 9353
Location: down under
Offline
[Profile] [PM]

sayke1987 wrote:
mình vừa bị ddos nữa và lưu được log như sau

2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.0.3705) 200 0 64
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0
2010-04-03 11:02:14 W3SVC2129403675 125.234.14.59 GET /Default.asp - 80 - 79.125.46.243 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1);+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+MEGAUPLOAD+2.0;++Alexa+Toolbar) 200 0 0 


thấy nó có chú thích là megaupload + alexa toobar

có cách nào ngăn kiểu ddos này ko mấy anh 


Thông tin ở trên không thể xác định DDoS kiểu gì đâu. Mấy đoạn màu đỏ chỉ đơn giản là plug-ins được cài trên trình duyệt và nó hiển thị khi trình duyệt gởi request đến máy chủ của bồ thôi.
What bringing us together is stronger than what pulling us apart.
[Up] [Print Copy]
  [Question]   xác định dùm e kiểu ddos này là kiểu gì lạ quá? 04/04/2010 06:15:28 (+0700) | #3 | 208398
sayke1987
Member

[Minus]    0    [Plus]
Joined: 13/03/2008 16:00:22
Messages: 8
Offline
[Profile] [PM]
thank! anh

[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|