一个奇怪的ip发送了下面的nginx日志中显示的请求,但是它打算做什么?
我最近使用nginx设置了一个Web服务器,然后,我收到了这些请求。
提前感谢有用的信息。
185.234.217.41 - - [30/Jun/2019:19:35:11 -0700] "GET /wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:12 -0700] "GET /node/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:12 -0700] "GET /hidden/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:13 -0700] "GET /wallet/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:14 -0700] "GET /btc/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:14 -0700] "GET /bitcoin/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:15 -0700] "GET /.bitcoin/wallet/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:15 -0700] "GET /.bitcoin/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:16 -0700] "GET /core/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:17 -0700] "GET /coin/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:17 -0700] "GET /backup/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:18 -0700] "GET /bitcoin/wallet/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
185.234.217.41 - - [30/Jun/2019:19:35:19 -0700] "GET /crypto/wallet.dat HTTP/1.1" 404 5483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" "-"
答案 0 :(得分:1)
他们正试图窃取您的bitcoins(如果有)。
答案很长:人们一直在设置机器人,以扫描Internet上是否有任何配置错误/不安全的Web服务器,这些服务器可能提供不应提供的文件。
wallet.dat
就是这样一个文件。 default filename that the official Bitcoin client is using用于存储私钥。这些私钥提供对您资金的访问权限,因此,如果有人成功设法窃取了该文件(假设您有一个文件),则他们将有权访问您的比特币。
也就是说,如果您的服务器不提供这些文件,则无需担心。