I was evaluating the log开发者_开发问答s for a website I help run and I noticed a repeating pattern of strange requests. The requests are all very similar, and from different IP addresses (possibly a bot net?). I am curious if anybody understands what the point of such a bizarre request is and if there is a security concern:
%5BPLM=0%5D+GET+http://example.org/+%5B0,7309,7252%5D+-%3E+%5BN%5D+POST+http://example.org/+%5B0,0,7329%5D
which decodes to:
[PLM=0] GET http://example.org/ [0,7309,7252] -> [N] POST http://example.org/ [0,0,7329]
Anything you dont recognize can be construed as a security concern and if its happening at any significant volume than I would consider it a threat and start finding a way to filter them out via some access rules / firewall, etc
精彩评论