在 2021/2/4 下午1:22, the...@sys-concept.com 写道:
I'm perplex with this entry in apache log. I'm sure it was done by same person as the timing is very sequential and same file-name request, but how they were able to lunch an attack from a different IP's different geographical locations. Can they spoof an IP?
This is very common.If someone intentionally attacks, they usually have an IP pool to avoid being blocked. Also ISP sometimes give dynamic IP to users, cause IP changes of normal users.
And one suggestion, just put part of an IP to the list, use '*' to replace some fields
to avoid information leakage -- bobwxc F645 5C7A 08E8 A637 24C6 D59E 36E9 4EAB B53E 516B
OpenPGP_signature
Description: OpenPGP digital signature
