🔥 IPS 威脅報告與惡意 IP 監控

本報告彙整了 2ns.org 監測節點偵測到的即時攻擊行為。包含 SQL InjectionXSS 跨站腳本 以及非法檔案存取嘗試。提供管理者作為防火牆黑名單設定參考。

最後更新:2026-03-06 17:34:13   📥 下載完整報告

時間攻擊名稱來源 IP (下載威脅IP清單)動作
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.211dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.187dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.211dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.187dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.211dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.187dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.211dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.187dropped
-PHP.CGI.Argument.Injection34.19.127.182dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.211dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.206dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.206dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.206dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.206dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.206dropped
-ThinkPHP.Controller.Parameter.Remote.Code.Execution34.19.116.54dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.61dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.61dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.61dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.61dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.61dropped
-ThinkPHP.Controller.Parameter.Remote.Code.Execution34.19.116.62dropped
-Apache.HTTP.Server.mod_proxy.SSRF34.19.127.177dropped
-Apache.HTTP.Server.mod_proxy.SSRF34.19.127.200dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.186dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.52dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.186dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.52dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.186dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.52dropped
-Apache.HTTP.Server.cgi-bin.Path.Traversal34.19.127.182dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.186dropped
-Apache.HTTP.Server.cgi-bin.Path.Traversal34.19.127.178dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.116.52dropped
-PHP.CGI.Argument.Injection34.19.127.182dropped
-Apache.HTTP.Server.cgi-bin.Path.Traversal34.19.127.182dropped
-PHP.CGI.Argument.Injection34.19.127.187dropped
-Web.Server.Password.File.Access34.19.116.56dropped
-Apache.HTTP.Server.mod_proxy.SSRF34.19.127.199dropped
-Apache.Log4j.Error.Log.Remote.Code.Execution34.19.127.186dropped
-ThinkPHP.Controller.Parameter.Remote.Code.Execution34.19.116.52dropped
-Apache.HTTP.Server.cgi-bin.Path.Traversal34.19.127.178dropped
-Web.Server.Password.File.Access34.19.127.181dropped
-Mirai.Botnet45.128.118.160dropped
-HTTP.URI.SQL.Injection186.6.183.67dropped
-HTTP.URI.SQL.Injection186.6.183.67dropped
-HTTP.URI.SQL.Injection186.6.183.67dropped
-HTTP.URI.SQL.Injection186.6.183.67dropped
-HTTP.URI.SQL.Injection186.6.183.67dropped
-HTTP.URI.SQL.Injection186.6.183.67dropped

🔍 網路安全威脅解析 (Security Knowledge)

• SQL 注入 (SQL Injection)
攻擊者嘗試透過輸入框執行惡意資料庫指令,可能導致資料外洩或被刪除。
• 跨站腳本 (XSS)
嘗試在網頁注入惡意腳本,用於竊取 User Session 或劫持瀏覽器權限。
• 敏感檔案存取 (LFI/RFI)
針對伺服器設定檔(如 /etc/passwd)的非法讀取行為,通常為入侵前兆。
🛠️ 給管理員的建議:
1. 定期將此報告中的高風險 IP 匯入防火牆或 WAF 進行封鎖。
2. 搭配 IP 信譽與黑名單整合查詢 即時分析 IP ,並同步比對國際 DNSBL 黑名單。