Fatal编程技术网
  • server/
  • Server 亚马逊探测/管理是否有正当理由

Server 亚马逊探测/管理是否有正当理由

server ip web-crawler

Server 亚马逊探测/管理是否有正当理由,server,ip,web-crawler,amazon,probe,Server,Ip,Web Crawler,Amazon,Probe,从原始服务器日志中,我发现了以下内容: 52.42.136.103 02/Aug/2016:17:58:12 GET /administrator/ 54.234.186.225 03/Aug/2016:16:48:55 GET /administrator/ 54.149.57.2 04/Aug/2016:18:40:55 GET /administrator/ 52.40.119.32 06/Aug/2016:09:34:37 GET /admin

从原始服务器日志中,我发现了以下内容:

52.42.136.103 02/Aug/2016:17:58:12 GET /administrator/ 54.234.186.225 03/Aug/2016:16:48:55 GET /administrator/ 54.149.57.2 04/Aug/2016:18:40:55 GET /administrator/ 52.40.119.32 06/Aug/2016:09:34:37 GET /administrator/ 52.40.119.32 08/Aug/2016:06:02:45 GET /administrator/ 52.42.136.103 02/Aug/2016:17:58:12 GET/administrator/ 54.234.186.225 03/Aug/2016:16:48:55 GET/administrator/ 54.149.57.204/Aug/2016:18:40:55 GET/administrator/ 52.40.119.32 06/Aug/2016:09:34:37获取/管理员/ 52.40.119.32 08/Aug/2016:06:02:45 GET/administrator/ ip都属于Amazon Technologies(我没有/admin目录)

我习惯于在俄罗斯和越南等地看到这种随机探测的东西(/wp admin,/wp blog/,/dir…),我一直认为这背后有某种邪恶的动机。有?亚马逊为什么要这么做?杰夫·贝佐斯(Jeff Bezos)失控了吗?

亚马逊本身并没有抓取你的网站,但更有可能是他们的一些EC2用户(即云上租用的服务器)。如果您认为亚马逊的用户正在做非法或滥用的事情,请参阅下面的电子邮件地址,以联系亚马逊

whois 52.40.119.32 

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=52.40.119.32?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange:       52.32.0.0 - 52.63.255.255
CIDR:           52.32.0.0/11
NetName:        AT-88-Z
NetHandle:      NET-52-32-0-0-1
Parent:         NET52 (NET-52-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Amazon Technologies Inc. (AT-88-Z)
RegDate:        2015-09-02
Updated:        2015-09-02
Ref:            https://whois.arin.net/rest/net/NET-52-32-0-0-1

OrgName:        Amazon Technologies Inc.
OrgId:          AT-88-Z
Address:        410 Terry Ave N.
City:           Seattle
StateProv:      WA
PostalCode:     98109
Country:        US
RegDate:        2011-12-08
Updated:        2014-10-20
Comment:        All abuse reports MUST include:
Comment:        * src IP
Comment:        * dest IP (your IP)
Comment:        * dest port
Comment:        * Accurate date/timestamp and timezone of activity
Comment:        * Intensity/frequency (short log extracts)
Comment:        * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref:            https://whois.arin.net/rest/org/AT-88-Z


OrgTechHandle: ANO24-ARIN
OrgTechName:   Amazon EC2 Network Operations
OrgTechPhone:  +1-206-266-4064 
OrgTechEmail:  amzn-noc-contact@amazon.com
OrgTechRef:    https://whois.arin.net/rest/poc/ANO24-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName:   Amazon EC2 Abuse
OrgAbusePhone:  +1-206-266-4064 
OrgAbuseEmail:  abuse@amazonaws.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/AEA8-ARIN

OrgNOCHandle: AANO1-ARIN
OrgNOCName:   Amazon AWS Network Operations
OrgNOCPhone:  +1-206-266-4064 
OrgNOCEmail:  amzn-noc-contact@amazon.com
OrgNOCRef:    https://whois.arin.net/rest/poc/AANO1-ARIN
好的,这是有道理的。我几乎可以假设他们至少希望虐待,对吧?我想不出有什么正当理由发送/admin探测器,也不知道这是怎么一个意外。(当然,“探测”听起来不祥)