I have a website, let's call it www.good.com.
I've been getting a lot of requests to www.good.com under completely different URLs than www.good.com. I suspect this traffic is also causing some site performance issues. I'm running a .NET solution on IIS for reference.
I have a logger that is constantly picking up 404 errors for external hosts. Below are examples of some of the log data:
Original URL: http://ift.tt/1EaQ0tY
Request URL: http://ift.tt/1EaPYlN %911 h%8D%BAX '%C3x5%F0 %DF%E8&peer_id=-SD0100-%E6%B2 Ql%C0 ]=x %8C&ip=192.168.2.23&port=8956&uploaded=1019809319&downloaded=1019809319&left=192985&numwant=200&key=9135&compact=1
Request Path: /announce
Referrer URL: None
User host address: 222.210.108.246
Server: WWW-GOOD-COM-SERVER
User:
IsAuthenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
User Agent: Bittorrent
I also see other weird requests from all kinds of other domains, like
- vl.ff.avast.com
- graph.facebook.com
- eztv.tracker.thepiratebay.org
- trackhub.appspot.com
Almost always the IP involved is from outside the US.
What I don't understand, is why my server is trying to fulfill requests for any of these urls when it is obviously not the host.
I need to know:
- Why this could be happening
- If this activity seems dangerous
- How I should attempt to prevent it, if possible.
Aucun commentaire:
Enregistrer un commentaire