0
最近,我發現我的服務器由jetty構建似乎受到攻擊。Jetty服務器似乎受到ddos攻擊
當我無法進入我的網頁後,我發現這是「太多打開的文件」異常。
然後,我從lsof轉儲了日誌。
java 1434 root 592u IPv6 224516242 0t0 TCP xx.xxxx.xx:87->204.15.135.116:49241 (FIN_WAIT2)
java 1434 root 593u IPv6 224516243 0t0 TCP xx.xxxx.xx:87->204.15.135.116:49275 (FIN_WAIT2)
java 1434 root 594u IPv6 224516244 0t0 TCP xx.xxxx.xx:87->204.15.135.116:49312 (FIN_WAIT2)
java 1434 root 595u IPv6 224516245 0t0 TCP xx.xxxx.xx:87->204.15.135.116:49366 (FIN_WAIT2)
java 1434 root 596u IPv6 224516246 0t0 TCP xx.xxxx.xx:87->204.15.135.116:49398 (FIN_WAIT2)
java 1434 root 597u IPv6 224516247 0t0 TCP xx.xxxx.xx:87->204.15.135.116:49426 (FIN_WAIT2)
java 1434 root 598u IPv6 224516248 0t0 TCP xx.xxxx.xx:87->204.15.135.116:49465 (FIN_WAIT2)
...
...
java 1434 root 728u IPv6 342047978 0t0 TCP xx.xxxx.xx:87->baiduspider-123-125-71-29.crawl.baidu.com:52473 (FIN_WAIT2)
java 1434 root 729u IPv6 344672761 0t0 TCP xx.xxxx.xx:87->baiduspider-123-125-71-34.crawl.baidu.com:38300 (FIN_WAIT2)
java 1434 root 730u IPv6 342159973 0t0 TCP xx.xxxx.xx:87->baiduspider-123-125-71-28.crawl.baidu.com:60379 (FIN_WAIT2)
java 1434 root 731u IPv6 342165176 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-157.crawl.baidu.com:30515 (FIN_WAIT2)
java 1434 root 732u IPv6 342494647 0t0 TCP xx.xxxx.xx:87->baiduspider-123-125-71-97.crawl.baidu.com:51496 (FIN_WAIT2)
java 1434 root 733u IPv6 342623082 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-141.crawl.baidu.com:28979 (FIN_WAIT2)
java 1434 root 734u IPv6 342499841 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-110.crawl.baidu.com:19578 (FIN_WAIT2)
java 1434 root 735u IPv6 342768198 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-155.crawl.baidu.com:56385 (FIN_WAIT2)
java 1434 root 736u IPv6 342874997 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-99.crawl.baidu.com:36623 (FIN_WAIT2)
java 1434 root 737u IPv6 343004455 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-103.crawl.baidu.com:56756 (FIN_WAIT2)
java 1434 root 738u IPv6 343215387 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-115.crawl.baidu.com:38924 (FIN_WAIT2)
java 1434 root 739u IPv6 343311431 0t0 TCP xx.xxxx.xx:87->baiduspider-123-125-71-47.crawl.baidu.com:46495 (FIN_WAIT2)
java 1434 root 740u IPv6 343115288 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-123.crawl.baidu.com:15823 (FIN_WAIT2)
java 1434 root 741u IPv6 343420236 0t0 TCP xx.xxxx.xx:87->baiduspider-123-125-71-56.crawl.baidu.com:35342 (FIN_WAIT2)
java 1434 root 742u IPv6 343916808 0t0 TCP xx.xxxx.xx:87->baiduspider-220-181-108-139.crawl.baidu.com:49866 (FIN_WAIT2)
有許多FIN_WAIT2狀態。
似乎有人試圖與我的服務器建立不完整的連接。
我需要知道如何防止FIN_WAIT2狀態,因爲它會使服務器崩潰。
我的碼頭版本是6.1.26。謝謝。
也許這個線程可以幫助(雖然是針對較新版本的jetty):https://bugs.eclipse.org/bugs/show_bug.cgi?id = 364921另外,如果你不需要被百度爬蟲,谷歌如何阻止他們。 – 2015-03-31 02:28:57
感謝您的信息! – Mozzan 2015-04-01 00:42:58