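Q: http://www.diygw.com is under malicious attack, which is causing very high load. Another domain in the same environment, http://www.html580.com, is not affected. Both are Java applications. Please help troubleshoot and provide a solution.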
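A: Hello, checking with the top command, the server load is currently relatively low, but we do see an sh command being executed. Please confirm whether you are running any scheduled tasks. If the scheduled task is not essential, please stop its script first and then observe again. Thank you very much for your long-term support of our company!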
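Q: This scheduled task is not the cause. I have already turned it off, but the site still cannot be accessed. There is a malicious attack source that keeps tying up the domain.
Q: I restarted all the programs and found a large number of close_wait connections. It has now recovered. Can you tell where the attack is coming from?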
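A: Hello, we confirmed that after the scheduled task was stopped, the CPU load came down. The packet capture taken on the server is shown below, and there is no fixed IP initiating connection requests to your server. Visiting www.diygw.com currently reports that the origin site data cannot be fetched, but if the domain is pointed directly at 127.0.0.1 through hosts, the test access works, and fetching your site data from inside the server using 127.0.0.1 is also normal. Please check whether the origin (back-to-source) address in your Baidu Cloud Acceleration settings is set to this IP, 127.0.0.1. Thank you very much for your long-term support of our company!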
[@ebs-34987 ~]# tcpdump -i eth0 tcp port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
09:56:28.606857 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:28.606957 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:28.898003 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:56:28.898086 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [P.], seq 1:494, ack 1, win 29, length 493: HTTP: GET /upload/image/2013/06/resizemybrowser.jpg HTTP/1.1
09:56:28.898108 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], ack 494, win 123, length 0
09:56:28.913122 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 1:2921, ack 494, win 123, length 2920: HTTP: HTTP/1.1 200 OK
09:56:28.913378 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 2921:5841, ack 494, win 123, length 2920: HTTP
09:56:28.913543 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 5841:8761, ack 494, win 123, length 2920: HTTP
09:56:28.913789 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 8761:11681, ack 494, win 123, length 2920: HTTP
09:56:28.914093 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 11681:14601, ack 494, win 123, length 2920: HTTP
09:56:29.201175 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 1461, win 32, length 0
09:56:29.201274 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [P.], seq 14601:17521, ack 494, win 123, length 2920: HTTP
09:56:29.201356 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 2921, win 35, length 0
09:56:29.201378 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 4381, win 38, length 0
09:56:29.201384 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 5841, win 40, length 0
09:56:29.201391 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 7301, win 43, length 0
09:56:29.201396 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 8761, win 46, length 0
09:56:29.201687 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 10221, win 49, length 0
09:56:29.201717 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 11681, win 52, length 0
09:56:29.202276 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 17521:20441, ack 494, win 123, length 2920: HTTP
09:56:29.202351 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 20441:23361, ack 494, win 123, length 2920: HTTP
09:56:29.202404 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 23361:26281, ack 494, win 123, length 2920: HTTP
09:56:29.202466 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 26281:29201, ack 494, win 123, length 2920: HTTP
09:56:29.202541 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 29201:32121, ack 494, win 123, length 2920: HTTP
09:56:29.202776 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 13141, win 55, length 0
09:56:29.202793 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 32121:35041, ack 494, win 123, length 2920: HTTP
09:56:29.202847 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [.], ack 14601, win 58, length 0
09:56:29.202858 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 35041:37961, ack 494, win 123, length 2920: HTTP
09:56:29.231028 IP 127.0.0.1.45190 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.231125 IP 127.0.0.1.http > 127.0.0.1.45190: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:29.257595 IP 127.0.0.1.62980 > 127.0.0.1.http: Flags [.], ack , win 58, length 0
09:56:29.257671 IP 127.0.0.1.http > 127.0.0.1.62980: Flags [.], ack 1, win 123, length 0
09:56:29.343088 IP 127.0.0.1.38982 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.343176 IP 127.0.0.1.http > 127.0.0.1.38982: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:29.343251 IP 127.0.0.1.20490 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.343274 IP 127.0.0.1.http > 127.0.0.1.20490: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:29.343637 IP 127.0.0.1.31838 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.343660 IP 127.0.0.1.http > 127.0.0.1.31838: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:29.347085 IP 127.0.0.1.16784 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.347125 IP 127.0.0.1.http > 127.0.0.1.16784: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:29.348862 IP 127.0.0.1.12850 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.348903 IP 127.0.0.1.http > 127.0.0.1.12850: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:29.351217 IP 127.0.0.1.38988 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.351262 IP 127.0.0.1.http > 127.0.0.1.38988: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:29.367887 IP 127.0.0.1.20490 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:56:29.367980 IP 127.0.0.1.20490 > 127.0.0.1.http: Flags [P.], seq 1:557, ack 1, win 29, length 556: HTTP: GET /wp-content/uploads/2013/03/jquery-plugin-zoho-pdf-viewer-5.jpg HTTP/1.1
09:56:29.368010 IP 127.0.0.1.http > 127.0.0.1.20490: Flags [.], ack 557, win 123, length 0
09:56:29.368089 IP 127.0.0.1.31838 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:56:29.368108 IP 127.0.0.1.31838 > 127.0.0.1.http: Flags [P.], seq 1:565, ack 1, win 29, length 564: HTTP: GET /wp-content/uploads/2013/03/javascript-embed-pdf-reader-pdfobject-3.jpg HTTP/1.1
09:56:29.368118 IP 127.0.0.1.http > 127.0.0.1.31838: Flags [.], ack 565, win 123, length 0
09:56:29.368396 IP 127.0.0.1.http > 127.0.0.1.20490: Flags [P.], seq 1:728, ack 557, win 123, length 727: HTTP: HTTP/1.1 404 Not Found
09:56:29.368644 IP 127.0.0.1.http > 127.0.0.1.31838: Flags [P.], seq 1:728, ack 565, win 123, length 727: HTTP: HTTP/1.1 404 Not Found
09:56:29.369383 IP 127.0.0.1.12850 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:56:29.369422 IP 127.0.0.1.12850 > 127.0.0.1.http: Flags [P.], seq 1:551, ack 1, win 29, length 550: HTTP: GET /wp-content/uploads/2013/03/jquery-media-plugin-pdf-2.jpg HTTP/1.1
09:56:29.369437 IP 127.0.0.1.http > 127.0.0.1.12850: Flags [.], ack 551, win 123, length 0
09:56:29.370009 IP 127.0.0.1.38982 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:56:29.370238 IP 127.0.0.1.38982 > 127.0.0.1.http: Flags [P.], seq 1:556, ack 1, win 29, length 555: HTTP: GET /wp-content/uploads/2013/03/javascript-pdf-reader-pdf-js-1.jpg HTTP/1.1
09:56:29.370255 IP 127.0.0.1.http > 127.0.0.1.38982: Flags [.], ack 556, win 123, length 0
09:56:29.370931 IP 127.0.0.1.16784 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:56:29.370955 IP 127.0.0.1.16784 > 127.0.0.1.http: Flags [P.], seq 1:569, ack 1, win 29, length 568: HTTP: GET /wp-content/uploads/2013/03/jate-pdf-file-reader-jspdf-6.jpg HTTP/1.1
09:56:29.370965 IP 127.0.0.1.http > 127.0.0.1.16784: Flags [.], ack 569, win 123, length 0
09:56:29.374683 IP 127.0.0.1.38988 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:56:29.374756 IP 127.0.0.1.38988 > 127.0.0.1.http: Flags [P.], seq 1:556, ack 1, win 29, length 555: HTTP: GET /wp-content/uploads/2013/03/jquery-google-pdf-doc-viewer-4.jpg HTTP/1.1
09:56:39.063173 IP 127.0.0.1.http > 127.0.0.1.51102: Flags [.], seq :, ack , win 130, length 2920: HTTP: HTTP/1.1 200
09:56:39.063472 IP 127.0.0.1.http > 127.0.0.1.51102: Flags [.], seq 2920:5840, ack 1, win 130, length 2920: HTTP
09:56:39.063708 IP 127.0.0.1.http > 127.0.0.1.51102: Flags [.], seq 5840:8760, ack 1, win 130, length 2920: HTTP
09:56:39.063879 IP 127.0.0.1.http > 127.0.0.1.51102: Flags [.], seq 8760:11680, ack 1, win 130, length 2920: HTTP
09:56:39.064036 IP 127.0.0.1.http > 127.0.0.1.51102: Flags [.], seq 11680:14600, ack 1, win 130, length 2920: HTTP
09:56:39.087200 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 2920, win 35, length 0
09:56:39.087281 IP 127.0.0.1.http > 127.0.0.1.51102: Flags [P.], seq 14600:14984, ack 1, win 130, length 384: HTTP
09:56:39.087446 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 4380, win 38, length 0
09:56:39.087472 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 5840, win 40, length 0
09:56:39.087482 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 8760, win 46, length 0
09:56:39.087490 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 10220, win 49, length 0
09:56:39.087585 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 11680, win 52, length 0
09:56:39.087827 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 13140, win 55, length 0
09:56:39.087839 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 14600, win 58, length 0
09:56:39.111801 IP 127.0.0.1.51102 > 127.0.0.1.http: Flags [.], ack 14984, win 60, length 0
09:56:39.207108 IP 127.0.0.1.39850 > 127.0.0.1.http: Flags [.], ack , win 29, length 0
09:56:39.207193 IP 127.0.0.1.39850 > 127.0.0.1.http: Flags [P.], seq 0:687, ack 1, win 29, length 687: HTTP: GET /9674 HTTP/1.1
09:56:39.207218 IP 127.0.0.1.http > 127.0.0.1.39850: Flags [.], ack 687, win 125, length 0
09:56:39.325925 IP 127.0.0.1.http > 127.0.0.1.39850: Flags [.], seq 1:2921, ack 687, win 125, length 2920: HTTP: HTTP/1.1 200
09:56:39.326129 IP 127.0.0.1.http > 127.0.0.1.39850: Flags [.], seq 2921:5841, ack 687, win 125, length 2920: HTTP
09:56:39.326233 IP 127.0.0.1.http > 127.0.0.1.39850: Flags [.], seq 5841:8761, ack 687, win 125, length 2920: HTTP
09:56:39.326371 IP 127.0.0.1.http > 127.0.0.1.39850: Flags [.], seq 8761:11681, ack 687, win 125, length 2920: HTTP
09:56:39.326438 IP 127.0.0.1.http > 127.0.0.1.39850: Flags [.], seq 11681:14601, ack 687, win 125, length 2920: HTTP
09:56:39.530448 IP 127.0.0.1.39850 > 127.0.0.1.http: Flags [.], ack 1461, win 32, length 0
09:56:39.530529 IP 127.0.0.1.http > 127.0.0.1.39850: Flags [P.], seq 14601:15365, ack 687, win 125, length 764: HTTP
09:56:39.530604 IP 127.0.0.1.39850 > 127.0.0.1.http: Flags [.], ack 2921, win 35, length 0
09:56:39.530629 IP 127.0.0.1.39850 > 127.0.0.1.http: Flags [.], ack 5841, win 40, length 0
09:56:39.530637 IP 127.0.0.1.39850 > 127.0.0.1.http: Flags [.], ack 5841, win 43, options [nop,nop,sack 1 {8761:10221}], length 0
09:56:44.185515 IP 127.0.0.1.11342 > 127.0.0.1.http: Flags [.], ack , win 60, length 0
09:56:44.185539 IP 127.0.0.1.11342 > 127.0.0.1.http: Flags [.], ack 1461, win 63, length 0
09:57:04.300555 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:57:04.300619 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:57:04.319124 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [.], ack 1, win 29, length 0
09:57:04.319223 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [P.], seq 1:800, ack 1, win 29, length 799: HTTP: GET /upload/image/2012/09/2753.jpg HTTP/1.1
09:57:04.319250 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [.], ack 800, win 127, length 0
09:57:04.340154 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [.], seq 1:2921, ack 800, win 127, length 2920: HTTP: HTTP/1.1 200 OK
09:57:04.340288 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [.], seq 2921:5841, ack 800, win 127, length 2920: HTTP
09:57:04.340363 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [.], seq 5841:8761, ack 800, win 127, length 2920: HTTP
09:57:04.340427 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [.], seq 8761:11681, ack 800, win 127, length 2920: HTTP
09:57:04.340576 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [.], seq 11681:14601, ack 800, win 127, length 2920: HTTP
09:57:04.376799 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [.], ack 16061, win 60, length 0
09:57:04.376857 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [.], seq 33581:35041, ack 800, win 127, length 1460: HTTP
09:57:04.376914 IP 127.0.0.1.http > hn.kd.ny.adsl.43766: Flags [P.], seq 35041:35263, ack 800, win 127, length 222: HTTP
09:57:04.376945 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [.], ack 17521, win 63, length 0
09:57:04.383670 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [.], ack 20441, win 69, length 0
09:57:04.383992 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [.], ack 21901, win 72, length 0
09:57:04.384009 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [.], ack 23361, win 75, length 0
09:57:04.384019 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [.], ack 24821, win 77, length 0
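
Added example, not part of the support ticket above: one way to check the reply's observation that no single address dominates the connection requests is to tally client SYNs and HTTP requests per source host from tcpdump's text output. The function names are this example's own and the sample lines are copied from the capture above; running tcpdump with -n keeps sources as IP addresses instead of resolved names such as hn.kd.ny.adsl.

```shell
#!/usr/bin/env bash
# Added example (not from the ticket): per-source tally of tcpdump text output.
# Live use, as an assumption: tcpdump -n -i eth0 tcp port 80 | summarize_capture

summarize_capture() {
  awk '
    $2 == "IP" && $4 == ">" {
      src = $3
      sub(/\.[^.]+$/, "", src)          # strip the trailing .port
      if ($7 == "[S],") syn[src]++      # initial SYN only, not the SYN-ACK [S.]
      for (i = 8; i < NF; i++)          # a request line follows the "HTTP:" tag
        if ($i == "HTTP:" && $(i+1) ~ /^(GET|POST|HEAD|PUT|DELETE|OPTIONS)$/)
          req[src]++
    }
    END {
      for (s in syn) print "syn", s, syn[s]
      for (s in req) print "req", s, req[s]
    }
  ' | LC_ALL=C sort -k1,1r -k3,3nr -k2,2   # syn rows first, busiest source on top
}

# Sample input: lines copied from the capture above (seq fields are empty there).
sample_capture() {
  cat <<'EOF'
09:56:28.606857 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:28.606957 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [S.], seq , ack , win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
09:56:28.898086 IP 127.0.0.1.48360 > 127.0.0.1.http: Flags [P.], seq 1:494, ack 1, win 29, length 493: HTTP: GET /upload/image/2013/06/resizemybrowser.jpg HTTP/1.1
09:56:28.913122 IP 127.0.0.1.http > 127.0.0.1.48360: Flags [.], seq 1:2921, ack 494, win 123, length 2920: HTTP: HTTP/1.1 200 OK
09:56:29.343251 IP 127.0.0.1.20490 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:56:29.367980 IP 127.0.0.1.20490 > 127.0.0.1.http: Flags [P.], seq 1:557, ack 1, win 29, length 556: HTTP: GET /wp-content/uploads/2013/03/jquery-plugin-zoho-pdf-viewer-5.jpg HTTP/1.1
09:56:29.368396 IP 127.0.0.1.http > 127.0.0.1.20490: Flags [P.], seq 1:728, ack 557, win 123, length 727: HTTP: HTTP/1.1 404 Not Found
09:57:04.300555 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [S], seq , win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 10], length 0
09:57:04.319223 IP hn.kd.ny.adsl.43766 > 127.0.0.1.http: Flags [P.], seq 1:800, ack 1, win 29, length 799: HTTP: GET /upload/image/2012/09/2753.jpg HTTP/1.1
EOF
}

sample_capture | summarize_capture
```

A source whose `syn` count is far above its `req` count, or far above every other source, is the one to look at first; an even spread matches what the reply describes.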