您的位置:360文档中心› 服务器系统日志管理(jp)

服务器系统日志管理(jp)

合集下载
相关主题
  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。

Windows

Internet Information Server

SQL Server

2

Explorer

3

MMC

MMC

mmc/a

SQL Enterprise Manager IIS

4

MMC

5

6

MMC

Internet Information Server

IIS

%SystemRoot%¥system32¥Logfiles

IIS

Web

8

9

IIS

ODBC

Windows 2003 Server IIS 6.0

IP

IIS ClientHost, Username,LogTime, Service, Machine,ServerIP,

ProcessingTime,BytesRecvd,BytesSent,ServiceStatus, Win32Status,

Operation, Target, Parameters

10

IIS

Cookie

IP

IP

URI

#Fields: time c-ip cs-method cs-uri-stem sc-status

00:57:12 xx.xx.xx.xx POST /iishelp/iis/misc/Query.asp 200

URI

#Fields: time c-ip cs-method cs-uri-stem cs-uri-query sc-status 00:58:45 xx.xx.xx.xx POST /iishelp/iis/misc/Query.asp

SearchType=0 200

01:14:55 xx.xx.xx.xx POST /iishelp/iis/misc/Query.asp SearchType=3 200 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+.NET+CLR+1.1.4322)

12

URI

URI

13

GET URI POST Cookie

#Fields: time c-ip cs-method cs-uri-stem cs-uri-query sc-status cs(Cookie)cs(Referer) 02:35:53 xx.xx.xx.xx GET /iishelp/iis/misc/search.asp Searchset=3&SearchString= 200 ASPSESSIONIDGGQGGVFC=IFFFPKHBBLNMNEIFJJBPHOMB

http://localhost/iishelp/iis/misc/default.asp

02:35:55 xx.xx.xx.xx POST /iishelp/iis/misc/Query.asp SearchType=3 200 ASPSESSIONIDGGQGGVFC=IFFFPKHBBLNMNEIFJJBPHOMB

http://localhost/iishelp/iis/misc/search.asp?Searchset=3&SearchString=

14

Web

GET URI

POST

XSS

15

IDS

16

/cgi-bin 2005-01-25 04:44:31 192.168.35.52 GET /cgi-bin/main.cgi

board=FREE_BOARD&command=down_load&filename=../../../../ 80 -

192.168.35.217 -404 0 3 1800 150

2005-01-25 04:44:31 192.168.35.52 GET /cgi-bin/main.cgi

board=FREE_BOARD&command=down_load&filename=../../../../../../../../../.

./etc/passwd80 -192.168.35.217 -404 0 3 1800 178

2005-01-25 04:44:31 192.168.35.52 GET /cgi-bin/main_menu.pl -80 -192.168.35.217 -404 0 3 1800 97

2005-01-25 04:44:31 192.168.35.52 GET /cgi-bin/majordomo.pl -80 -192.168.35.217 -404 0 3 1800 97

2005-01-25 04:44:31 192.168.35.52 GET /cgi-

bin/makechanges/easysteps/easysteps.pl -80 -192.168.35.217 -404 0 3

1800 119

2005-01-25 04:44:31 192.168.35.52 GET /cgi-bin/man.sh-80 -

192.168.35.217 -404 0 3 1800 91

17

InteInfo

2005-01-25 05:12:46 192.168.35.52 GET /..%2f..%2f..%2f..%2fwinnt/system32/cmd.exe /c+dir+c: 80 -192.168.35.217 -404 0 3 1800 137

2005-01-25 05:12:46 192.168.35.52 GET

/..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe /c+dir+c:¥80 -

192.168.35.217 -404 0 3 1800 148

2005-01-25 05:12:46 192.168.35.52 GET

/..%5c..%5c..%5c..%5cwin2000/system32/cmd.exe /c+dir 80 -192.168.35.217 -404

0 3 1800 136

2005-01-25 05:12:46 192.168.35.52 GET

/..%5c..%5c..%5c..%5cwindows/system32/cmd.exe /c+dir 80 -192.168.35.217 -404

0 3 1800 136

2005-01-25 05:12:46 192.168.35.52 GET

/..%5c..%5c..%5c..%5cwinnt/system32/cmd.exe /c+dir 80 -192.168.35.217 -404 0 3 1800 134

2005-01-25 05:12:46 192.168.35.52 GET /..%5c..%5cwinnt/system32/cmd.exe /c+dir+c:

80 -192.168.35.217 -404 0 3 1800 123

18

相关文档
最新文档