
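A strange exception event appeared! Is the server being attacked!!!

The exception is below!!!! Could you experts please take a look at what the cause is??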








事件代码: 3005 
事件消息: 发生了未处理的异常。 
事件时间: 2011-3-7 12:27:46 
事件时间(UTC): 2011-3-7 4:27:46 
事件 ID: ceb68911c52c4029a010af2cf26adadf 
事件序列: 1527 
事件匹配项: 1 
事件详细信息代码: 0 
 
应用程序信息: 
    应用程序域: /LM/W3SVC/101769548/Root-1-129439402875183833 
    信任级别: Full 
    应用程序虚拟路径: / 
    应用程序路径: D:\wwwroot\new_web\ 
    计算机名: SVCTAG-FFQH13X 
 
进程信息: 
    进程 ID: 408 
    进程名: w3wp.exe 
    帐户名: NT AUTHORITY\NETWORK SERVICE 
 
异常信息: 
    异常类型: FormatException 
    异常消息: 输入字符串的格式不正确。 
 
请求信息: 
    请求 URL: http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.asp
x?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?
ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'http://www.xxxxxxxxx.cn/Page/ShowArticle.aspx?ID=1413'%20and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%2
0and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar
(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''='and%20char(124)%2Buser%2Bchar(124)=0%20and%20''=' 
    请求路径: %21 
    用户主机地址: %22 
    用户: %23 
    是否已经过身份验证: %24 
    身份验证类型: %25 
    线程帐户名: %26 
 
线程信息: 
    线程 ID: %27 
    线程帐户名: %28 
    是否正在模拟: %29 
    堆栈跟踪: %30 
 
自定义事件详细信息: 
%14

有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。

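-------------------- Programming Q&A --------------------
See if the link below can help you.
传送师
-------------------- Programming Q&A --------------------
Obviously a malicious request!
-------------------- Programming Q&A --------------------
A typical SQL injection attack... It did not succeed, but your program did not handle it either and just threw an exception... Your code still needs work...
-------------------- Programming Q&A --------------------
Quoting vrhero's reply at #3:
A typical SQL injection attack... It did not succeed, but your program did not handle it either and just threw an exception... Your code still needs work...


How should this kind of thing be handled???
-------------------- Programming Q&A --------------------
There are many ways to prevent SQL injection, go search for them... But you should at least use try catch, and at least have a custom error page...
-------------------- Programming Q&A --------------------
Quoting vrhero's reply at #5:
There are many ways to prevent SQL injection, go search for them... But you should at least use try catch, and at least have a custom error page...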


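There is a custom error page, though
-------------------- Programming Q&A --------------------
Solution:

1. Request.ServerVariables["QUERY_STRING"]
Use a regular expression to filter illegal characters out of the request parameters above

2. Parameterized SQL queries

3. try { }
   catch (Exception e)
   {
     // Capture the exception details and write them to the database, for easier management and maintenance
   }
-------------------- Programming Q&A --------------------
#7 is right
-------------------- Programming Q&A --------------------
-------------------- Programming Q&A --------------------
Hmm, how did you log this error? What I get doesn't seem to be this detailed
-------------------- Programming Q&A --------------------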
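Quoting truecoffeefox's reply at #10:
Hmm, how did you log this error? What I get doesn't seem to be this detailed


You don't need to do anything. This is the system log. All ASP.NET errors and warnings are recorded by the system by default, so they are easy to look up
-------------------- Programming Q&A --------------------
Quoting wyq29's reply at #11:
Quoting truecoffeefox's reply at #10:
Hmm, how did you log this error? What I get doesn't seem to be this detailed


You don't need to do anything. This is the system log. All ASP.NET errors and warnings are recorded by the system by default, so they are easy to look up


Well... I always output them myself. Where do I view the system log? Why is there no corresponding IIS log in my Event Viewer
-------------------- Programming Q&A --------------------
Filter keywords with a regular expression
-------------------- Programming Q&A --------------------
Prevent SQL injection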
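
The points from the "Solution" reply above (validate the parameter, use a parameterized query, handle the bad input instead of letting it surface as an unhandled exception), as an added C# example that is not code from the thread. It assumes ShowArticle.aspx parses `ID` as an integer, which the logged FormatException suggests; the class, method, table and column names are hypothetical, and the sample inputs are constructed from the logged request.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Globalization;

static class ShowArticleInput
{
    // Accept only a positive decimal integer (digits only, no sign or spaces).
    // Anything else, such as the quoted payload in the logged request,
    // is rejected without throwing FormatException.
    public static bool TryGetArticleId(string raw, out int id)
    {
        return int.TryParse(raw, NumberStyles.None,
                            CultureInfo.InvariantCulture, out id) && id > 0;
    }

    // Hypothetical table and column names. The ID travels as a typed
    // parameter, so it is never concatenated into the SQL text.
    public static SqlCommand BuildQuery(int id)
    {
        var cmd = new SqlCommand("SELECT Title, Body FROM Articles WHERE ID = @id");
        cmd.Parameters.Add("@id", SqlDbType.Int).Value = id;
        return cmd;
    }

    static void Main()
    {
        // Constructed inputs: a normal ID and the decoded shape of the logged value.
        string[] samples = { "1413", "1413' and char(124)+user+char(124)=0 and ''='" };
        foreach (string raw in samples)
        {
            int id;
            if (!TryGetArticleId(raw, out id))
            {
                // In the page itself: log the request, answer with HTTP 400, stop.
                Console.WriteLine("rejected: " + raw);
                continue;
            }
            using (SqlCommand cmd = BuildQuery(id))
            {
                Console.WriteLine("ok: " + cmd.CommandText
                                  + "  @id=" + cmd.Parameters["@id"].Value);
            }
        }
    }
}
```

In the real page, assign a `SqlConnection` to the command before executing it, and keep a try/catch around the database call so that failures are logged rather than raised as event 3005.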