关于 GFW 主动探测 SSL(SPDY?)站点的研究

2014-04-17 03:26:20 +08:00
 usernametoolong
https://plus.google.com/+%E9%99%88%E5%B0%91%E4%B8%BEelf/posts/jaoJpdLkXCg

gfw越来越牛逼了啊
1828 次点击
所在节点    分享发现
3 条回复
dndx
2014-04-17 04:04:20 +08:00
既然他喜欢探测 SSL ,应该设个 Heartbleed 反向蜜罐,dump 他的内存。
jasontse
2014-04-17 08:24:04 +08:00
我这里也有类似记录,但是数量很少

180.109.196.40 - - [15/Feb/2014:02:08:57 +0000] "GET / HTTP/1.1" 302 276 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
42.91.186.96 - - [15/Feb/2014:02:34:37 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
111.162.141.101 - - [15/Feb/2014:03:44:14 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
101.24.217.241 - - [15/Feb/2014:05:07:07 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
182.110.9.34 - - [15/Feb/2014:06:20:54 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
49.65.192.21 - - [15/Feb/2014:07:09:31 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
110.249.15.204 - - [15/Feb/2014:13:27:47 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
36.33.6.234 - - [16/Feb/2014:08:18:55 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
115.204.94.126 - - [16/Feb/2014:08:29:39 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
36.33.5.3 - - [16/Feb/2014:11:29:48 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
116.113.67.107 - - [16/Feb/2014:17:53:46 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
14.135.100.17 - - [17/Feb/2014:00:48:12 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
110.16.205.88 - - [17/Feb/2014:01:31:23 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
221.14.172.98 - - [18/Feb/2014:06:35:21 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
211.139.95.96 - - [20/Feb/2014:23:57:13 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
222.137.112.192 - - [22/Feb/2014:04:10:29 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
117.39.24.253 - - [22/Feb/2014:16:51:59 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
220.173.19.46 - - [23/Feb/2014:02:50:12 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
175.184.165.187 - - [23/Feb/2014:03:17:35 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
112.66.7.214 - - [23/Feb/2014:03:43:05 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
58.243.226.106 - - [23/Feb/2014:03:54:22 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
111.162.137.101 - - [24/Feb/2014:10:40:32 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
60.166.246.88 - - [25/Feb/2014:02:26:50 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
221.207.33.239 - - [25/Feb/2014:03:02:11 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
122.235.189.173 - - [25/Feb/2014:14:21:39 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
114.222.206.80 - - [26/Feb/2014:01:39:22 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
182.119.74.71 - - [26/Feb/2014:05:02:45 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
60.16.13.158 - - [26/Feb/2014:05:28:25 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
221.204.148.189 - - [26/Feb/2014:20:17:58 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
111.162.147.154 - - [27/Feb/2014:06:56:19 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
124.160.236.70 - - [27/Feb/2014:13:45:57 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
117.14.150.149 - - [28/Feb/2014:07:35:40 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
124.66.14.113 - - [28/Feb/2014:21:24:54 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
124.90.48.176 - - [01/Mar/2014:16:54:22 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
36.33.4.246 - - [02/Mar/2014:05:24:27 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
60.216.137.206 - - [02/Mar/2014:14:44:42 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
36.33.3.7 - - [02/Mar/2014:19:52:22 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
119.4.7.137 - - [03/Mar/2014:03:27:11 +0000] "GET / HTTP/1.1" 302 161 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
tammy
2014-04-17 08:45:10 +08:00
我的独立IP带SSL的博客上面经常会出现这样的记录

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/108900

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX