今天查看我的评估日志时,我发现有很多条目试图访问页面(但这些页面并不存在)。例如
- robots.txt(我知道这是用来做什么的)
- 申请
- 网站图标.ico(我知道这是用来做什么的)
- ETC
因此,显然404返回了 a,但是除了 404 之外还有其他 3 位数字代码(?)。
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 312
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 285
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 286
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 287
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 288
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 289
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 290
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 295
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 296
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 297
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 298
ip-address - - [date & time] "GET /some/file_OR_folder HTTP/1.1" 404 301
搜索给了我这个:ossec 检测到的攻击样本 - OSSEC Wiki:也就是说,是的a web scan detected by ossec (looking for Wordpress, xmlrpc and awstats)。
上面日志中的第二个状态代码(286、289)是什么意思?
答案1
它们不是状态代码,而是以字节为单位的响应长度。