HEAD requests in server log file

Question Votes: 5 Answers: 1

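I found some entries in my log files that I don't understand. Besides all the expected GET requests, I found quite a lot of HEAD requests, which I know my application does not make.

I don't have phpmyadmin, SQL or any other such resources installed on my server (a pure Node.js application running Mongo DB).

Could this be automated software scanning my server for vulnerabilities?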

[0mHEAD http://54.xxx.xxx.xxx:80/2phpmyadmin/ [36m301 [0m2.044 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/3phpmyadmin/ [36m301 [0m1.789 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/4phpmyadmin/ [36m301 [0m1.749 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/MyAdmin/ [36m301 [0m1.770 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/PMA/ [36m301 [0m1.705 ms - 83[0m
[0mHEAD http://54.xxx.xxx.xxx:80/PMA2011/ [36m301 [0m1.762 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/PMA2012/ [36m301 [0m1.470 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/PMA2013/ [36m301 [0m1.316 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/PMA2014/ [36m301 [0m1.605 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/PMA2015/ [36m301 [0m1.282 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/ [36m301 [0m1.194 ms - 85[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/db/ [36m301 [0m1.307 ms - 88[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/pMA/ [36m301 [0m1.236 ms - 89[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/phpMyAdmin/ [36m301 [0m1.299 ms - 96[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/phpmyadmin/ [36m301 [0m1.534 ms - 96[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/sqladmin/ [36m301 [0m1.218 ms - 94[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/sysadmin/ [36m301 [0m1.523 ms - 94[0m
[0mHEAD http://54.xxx.xxx.xxx:80/admin/web/ [36m301 [0m1.612 ms - 89[0m
[0mHEAD http://54.xxx.xxx.xxx:80/administrator/PMA/ [36m301 [0m1.410 ms - 97[0m
[0mHEAD http://54.xxx.xxx.xxx:80/administrator/admin/ [36m301 [0m1.302 ms - 99[0m
[0mHEAD http://54.xxx.xxx.xxx:80/administrator/db/ [36m301 [0m1.466 ms - 96[0m
[0mHEAD http://54.xxx.xxx.xxx:80/administrator/phpMyAdmin/ [36m301 [0m1.625 ms - 104[0m
[0mHEAD http://54.xxx.xxx.xxx:80/administrator/phpmyadmin/ [36m301 [0m1.781 ms - 104[0m
[0mHEAD http://54.xxx.xxx.xxx:80/administrator/pma/ [36m301 [0m1.277 ms - 97[0m
[0mHEAD http://54.xxx.xxx.xxx:80/administrator/web/ [36m301 [0m1.392 ms - 97[0m
[0mHEAD http://54.xxx.xxx.xxx:80/database/ [36m301 [0m1.217 ms - 88[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/ [36m301 [0m1.250 ms - 82[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/db-admin/ [36m301 [0m1.349 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/dbadmin/ [36m301 [0m1.240 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/dbweb/ [36m301 [0m1.347 ms - 88[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/myadmin/ [36m301 [0m1.365 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/phpMyAdmin-3/ [36m301 [0m1.257 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/phpMyAdmin/ [36m301 [0m1.304 ms - 93[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/phpMyAdmin3/ [36m301 [0m1.337 ms - 94[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/phpmyadmin/ [36m301 [0m1.280 ms - 93[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/phpmyadmin3/ [36m301 [0m1.217 ms - 94[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/webadmin/ [36m301 [0m1.378 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/webdb/ [36m301 [0m1.600 ms - 88[0m
[0mHEAD http://54.xxx.xxx.xxx:80/db/websql/ [36m301 [0m1.321 ms - 89[0m
[0mHEAD http://54.xxx.xxx.xxx:80/dbadmin/ [36m301 [0m1.367 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/myadmin/ [36m301 [0m1.318 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/myadminphp/ [36m301 [0m1.318 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql-admin/ [36m301 [0m1.464 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/ [36m301 [0m1.254 ms - 85[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/admin/ [36m301 [0m1.270 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/db/ [36m301 [0m1.318 ms - 88[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/dbadmin/ [36m301 [0m1.344 ms - 93[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/mysqlmanager/ [36m301 [0m1.276 ms - 98[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/pMA/ [36m301 [0m1.405 ms - 89[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/pma/ [36m301 [0m1.236 ms - 89[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/sqlmanager/ [36m301 [0m1.212 ms - 96[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysql/web/ [36m301 [0m1.381 ms - 89[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysqladmin/ [36m301 [0m1.214 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/mysqlmanager/ [36m301 [0m1.218 ms - 92[0m
[0mHEAD http://54.xxx.xxx.xxx:80/php-my-admin/ [36m301 [0m1.287 ms - 92[0m
[0mHEAD http://54.xxx.xxx.xxx:80/php-myadmin/ [36m301 [0m1.315 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin-2/ [36m301 [0m1.199 ms - 92[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin-3/ [36m301 [0m1.183 ms - 92[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin-4/ [36m301 [0m1.218 ms - 92[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin/ [36m301 [0m1.155 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin2/ [36m301 [0m1.231 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin3/ [36m301 [0m1.337 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin4/ [36m301 [0m1.669 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpMyadmin/ [36m301 [0m1.290 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmanager/ [36m301 [0m1.241 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmy-admin/ [36m301 [0m1.279 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmy/ [36m301 [0m1.503 ms - 85[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmyAdmin/ [36m301 [0m1.351 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmyadmin/ [36m301 [0m1.400 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmyadmin1/ [36m301 [0m1.346 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmyadmin2/ [36m301 [0m1.320 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmyadmin3/ [36m301 [0m1.317 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phpmyadmin4/ [36m301 [0m1.518 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/phppma/ [36m301 [0m1.286 ms - 86[0m
[0mHEAD http://54.xxx.xxx.xxx:80/pma/ [36m301 [0m2.188 ms - 83[0m
[0mGET /brothel [32m200 [0m1198.006 ms - -[0m
[0mHEAD http://54.xxx.xxx.xxx:80/pma2011/ [36m301 [0m1.599 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/pma2012/ [36m301 [0m1.481 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/pma2013/ [36m301 [0m1.373 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/pma2014/ [36m301 [0m1.283 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/pma2015/ [36m301 [0m1.546 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/program/ [36m301 [0m1.324 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/shopdb/ [36m301 [0m1.276 ms - 86[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/myadmin/ [36m301 [0m1.348 ms - 91[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/php-myadmin/ [36m301 [0m1.309 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpMyAdmin/ [36m301 [0m1.907 ms - 94[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpMyAdmin2/ [36m301 [0m1.353 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpMyAdmin3/ [36m301 [0m1.350 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpMyAdmin4/ [36m301 [0m1.431 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpmanager/ [36m301 [0m1.327 ms - 94[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpmy-admin/ [36m301 [0m1.263 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpmyadmin2/ [36m301 [0m1.293 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpmyadmin3/ [36m301 [0m1.213 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/phpmyadmin4/ [36m301 [0m1.410 ms - 95[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/sql-admin/ [36m301 [0m1.337 ms - 93[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/sql/ [36m301 [0m1.225 ms - 87[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/sqladmin/ [36m301 [0m1.254 ms - 92[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/sqlweb/ [36m301 [0m1.196 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/webadmin/ [36m301 [0m1.336 ms - 92[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/webdb/ [36m301 [0m1.507 ms - 89[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sql/websql/ [36m301 [0m1.216 ms - 90[0m
[0mHEAD http://54.xxx.xxx.xxx:80/sqlmanager/ [36m301 [0m1.521 ms - 90[0m
security logfiles
1 Answer
2
votes

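These records most likely come from hackers who want to scan for admin control panels on the server, although the IP addresses the scans come from are usually themselves victims of hacking.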

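You may want to set up fail2ban as a solution. If you have some spare time, you can also use a whois service to look up the abuse contact's email address for the IP addresses scanning your server and send them a complaint, so that they can take appropriate action against the malicious IP addresses.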
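To triage a log like the one in the question, the following added example (not part of the original question or answer) parses lines in that format and counts HEAD requests for database admin panel paths. The sample lines are constructed from the question's log, and the function names, path pattern and threshold are assumptions chosen for illustration.

```javascript
// Constructed sample: four lines in the format shown in the question (IP masked as there).
const SAMPLE = [
  '[0mHEAD http://54.xxx.xxx.xxx:80/phpMyAdmin/ [36m301 [0m1.155 ms - 90[0m',
  '[0mHEAD http://54.xxx.xxx.xxx:80/db/websql/ [36m301 [0m1.321 ms - 89[0m',
  '[0mGET /brothel [32m200 [0m1198.006 ms - -[0m',
  '[0mHEAD http://54.xxx.xxx.xxx:80/pma2015/ [36m301 [0m1.546 ms - 87[0m',
];

// Path fragments of admin panels, all taken from the paths in the question's log.
const PANEL_RE = /(php-?my-?admin|pma|myadmin|mysql|sql|dbadmin|webdb|\/db\/|\/admin\/)/i;

// Remove colour codes, with or without the ESC byte that was lost in the paste.
function stripAnsi(line) {
  return line.replace(/\x1b?\[\d{1,2}m/g, '');
}

// Parse "METHOD target STATUS time ms - length"; returns null for other lines.
function parseLine(line) {
  const m = /^(\S+) (\S+) (\d{3}) ([\d.]+) ms - (\S+)$/.exec(stripAnsi(line).trim());
  if (!m) return null;
  const [, method, target, status] = m;
  // Absolute-form targets ("http://host/path") are what clients send to proxies;
  // a browser talking directly to the application sends only the path.
  const absolute = /^https?:\/\//i.test(target);
  const path = absolute ? target.replace(/^https?:\/\/[^/]+/i, '') || '/' : target;
  return { method, path, status: Number(status), absolute };
}

function isProbe(entry) {
  return entry !== null && entry.method === 'HEAD' && PANEL_RE.test(entry.path);
}

// Summarise a batch of lines; `threshold` (hypothetical default) marks a likely scan.
function summarize(lines, threshold = 3) {
  const entries = lines.map(parseLine).filter(Boolean);
  const probes = entries.filter(isProbe);
  return {
    total: entries.length,
    probes: probes.length,
    absoluteForm: probes.filter((e) => e.absolute).length,
    paths: probes.map((e) => e.path),
    scanSuspected: probes.length >= threshold,
  };
}

console.log(summarize(SAMPLE));
```

The log format in the question records no client address, so fail2ban has nothing to ban from it; assuming the lines come from morgan's `dev` format, switching to its `combined` format adds the remote address to each line.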
