Found an attacking IP

Alert

It has been scanning non-stop

Looked it up on ThreatBook (微步); it has quite a lot of recent attack activity too

Sigh, notified the customer, but it still hasn't been blocked. I only run the situational-awareness platform; blocking it on my side wouldn't do anything anyway....

No results

Didn't find anything at all

The rest can't be linked up at all

Discussion with colleagues

Turns out I'm not the only one like this: I only saw scan-type alerts on day four, and some colleagues basically haven't seen any at all

Please come attack us, seriously, please come attack us, can you put in a bit more effort

PS: a colleague traced back one of the attack teams, honestly hard to keep a straight face

Ranked dead last

Something's off, I only saw an alert with clear attack behavior today, so how is our city ranked last, uh.... it shouldn't be my fault, right?..... there really aren't any alerts

Don't dare beg for attacks anymore; how did we end up last? Really didn't see anything, and anything suspicious I already called people in to analyze, sigh

The weird packets with error stack-trace content I ran into before

Finally saw a relatively complete one

--fe7bae61-bea2-4b14-84e7-e73981c5fd4c  
Content-Disposition: form-data; name="hello"
Content-Length: 7

android
--fe7bae61-bea2-4b14-84e7-e73981c5fd4c
Content-Disposition: form-data; name="photo"; filename="crash_ydhl_MagS{SokCGGatwyIQU.txt"
Content-Length: 87003

SUPPORTED_64_BIT_ABIS=[Ljava.lang.String;@ced4b57
versionCode=8
BOARD=QC_Reference_Phone
BOOTLOADER=unknown
TYPE=user
ID=N2G47H
TIME=1574127531000
BRAND=Android
TAG=Build
HARDWARE=qcom
SERIAL=35a4dcd9
SUPPORTED_ABIS=[Ljava.lang.String;@a47c644
CPU_ABI=arm64-v8a
IS_DEBUGGABLE=true
RADIO=unknown
MANUFACTURER=QUALCOMM
IS_EMULATOR=false
NURSE_LOGID=1149
SUPPORTED_32_BIT_ABIS=[Ljava.lang.String;@e1e3cd6
TAGS=test-keys
CPU_ABI2=
UNKNOWN=unknown
PERMISSIONS_REVIEW_REQUIRED=false
USER=zhiwu
FINGERPRINT=Android/msm8937_64/msm8937_64:7.1.2/N2G47H/G04S_V3.0_MSM8937_B2_20191119:user/test-keys
HOST=zhiwubianyi
versionName=V1.0.7
PRODUCT=msm8937_64
DISPLAY=G04S_V3.0_MSM8937_B2_20191119
MODEL=BN-HH-G02
DEVICE=msm8937_64
java.lang.IllegalStateException: Fatal Exception thrown on Scheduler.Worker thread.
at rx.internal.schedulers.ScheduledAction.run(ScheduledAction.java:62)
at android.os.Handler.handleCallback(Handler.java:751)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:154)
at android.app.ActivityThread.main(ActivityThread.java:6121)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779)
Caused by: rx.exceptions.OnErrorFailedException: Error occurred when trying to propagate error to Observer.onError
at rx.observers.SafeSubscriber._onError(SafeSubscriber.java:194)
at rx.observers.SafeSubscriber.onError(SafeSubscriber.java:120)
at rx.internal.operators.OperatorObserveOn$ObserveOnSubscriber.pollQueue(OperatorObserveOn.java:191)
at rx.internal.operators.OperatorObserveOn$ObserveOnSubscriber$2.call(OperatorObserveOn.java:162)
at rx.internal.schedulers.ScheduledAction.run(ScheduledAction.java:55)
... 7 more
Caused by: rx.exceptions.CompositeException: 2 exceptions occurred.
... 12 more
Caused by: rx.exceptions.CompositeException$CompositeExceptionCausalChain: Chain of Causes for CompositeException In Order Received =>
at com.yuexunit.mobilenurse.util.CrashManager.saveCrashInfo2File(CrashManager.java:157)
at com.yuexunit.mobilenurse.util.CrashManager.handleException(CrashManager.java:105)
at com.yuexunit.mobilenurse.util.CrashManager.uncaughtException(CrashManager.java:68)
at java.lang.ThreadGroup.uncaughtException(ThreadGroup.java:1068)
at java.lang.ThreadGroup.uncaughtException(ThreadGroup.java:1063)
at rx.internal.schedulers.ScheduledAction.run(ScheduledAction.java:66)
... 7 more
Caused by: java.net.SocketTimeoutException: timeout
at com.android.okhttp.okio.Okio$3.newTimeoutException(Okio.java:212)
at com.android.okhttp.okio.AsyncTimeout.exit(AsyncTimeout.java:261)
at com.android.okhttp.okio.AsyncTimeout$2.read(AsyncTimeout.java:215)
at com.android.okhttp.okio.RealBufferedSource.indexOf(RealBufferedSource.java:306)
at com.android.okhttp.okio.RealBufferedSource.indexOf(RealBufferedSource.java:300)
at com.android.okhttp.okio.RealBufferedSource.readUtf8LineStrict(RealBufferedSource.java:196)
at com.android.okhttp.internal.http.HttpConnection.readResponse(HttpConnection.java:191)
at com.android.okhttp.internal.http.HttpTransport.readResponseHeaders(HttpTransport.java:80)
at com.android.okhttp.internal.http.HttpEngine.readNetworkResponse(HttpEngine.java:907)

AI analysis: this crash log does not involve a malicious attack; it is a typical client-server communication timeout failure. It recommends focusing on server-side performance (e.g. database query optimization) and network infrastructure (e.g. firewall rules, load-balancer configuration) rather than security incident response.
Probably a communication problem with some medical device 🤔; anyway, I checked the logs and these show up outside the exercise window as well
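The capture above is what an Android app's crash reporter (the CrashManager.saveCrashInfo2File frames in the trace) POSTs: a multipart form with a small text field and the crash file attached under a .txt name. As an added example that is not part of this post, here is a triage script I would run over such a body before deciding whether to escalate. It splits the multipart body, pulls out the Build.* fields and the Java exception chain, decides whether the upload looks like a genuine crash report, and flags the things worth a second look even when it is. The function names (guess_boundary, parse_multipart, flag_upload, triage) are my own, and the sample body is constructed, trimmed from the capture above to a few lines with the same boundary and field names.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed sample, trimmed from the 87 KB capture above (same boundary and field names; not the real packet).
SAMPLE_BODY = (
    b"--fe7bae61-bea2-4b14-84e7-e73981c5fd4c\r\n"
    b'Content-Disposition: form-data; name="hello"\r\nContent-Length: 7\r\n\r\n'
    b"android\r\n"
    b"--fe7bae61-bea2-4b14-84e7-e73981c5fd4c\r\n"
    b'Content-Disposition: form-data; name="photo"; filename="crash_ydhl_MagS{SokCGGatwyIQU.txt"\r\n'
    b"Content-Length: 87003\r\n\r\n"
    b"versionCode=8\nBRAND=Android\nIS_DEBUGGABLE=true\nTAGS=test-keys\nMODEL=BN-HH-G02\n"
    b"FINGERPRINT=Android/msm8937_64/msm8937_64:7.1.2/N2G47H/G04S_V3.0_MSM8937_B2_20191119:user/test-keys\n"
    b"java.lang.IllegalStateException: Fatal Exception thrown on Scheduler.Worker thread.\n"
    b"at rx.internal.schedulers.ScheduledAction.run(ScheduledAction.java:62)\n"
    b"at android.os.Handler.handleCallback(Handler.java:751)\n"
    b"Caused by: rx.exceptions.OnErrorFailedException: Error occurred when trying to propagate error to Observer.onError\n"
    b"at rx.observers.SafeSubscriber._onError(SafeSubscriber.java:194)\n"
    b"Caused by: java.net.SocketTimeoutException: timeout\n"
    b"at com.android.okhttp.okio.Okio$3.newTimeoutException(Okio.java:212)\n"
    b"\r\n--fe7bae61-bea2-4b14-84e7-e73981c5fd4c--\r\n"
)

FRAME_RE = re.compile(r"^\s*at [\w$.<>]+\([\w.]+:\d+\)\s*$", re.M)   # "at pkg.Class.method(File.java:NN)"
EXC_RE = re.compile(r"^(?:Caused by: )?([\w.$]+(?:Exception|Error|Throwable))(?::|$)", re.M)
KV_RE = re.compile(r"^([A-Za-z_][A-Za-z0-9_]*)=(.*)$", re.M)        # Build.* dump lines such as FINGERPRINT=...


def guess_boundary(body: bytes) -> str:
    """Recover the boundary from the first delimiter line when the Content-Type header was not captured."""
    first = body.split(b"\r\n", 1)[0]
    if not first.startswith(b"--"):
        raise ValueError("body does not start with a multipart delimiter")
    return first[2:].decode("ascii").strip()


def parse_multipart(body: bytes, boundary: str) -> List[dict]:
    """Minimal multipart/form-data splitter: one dict per part with name, filename and raw data."""
    delim = b"--" + boundary.encode("ascii")
    parts = []
    for chunk in body.split(delim)[1:]:
        if chunk.startswith(b"--"):                      # "--boundary--" closes the body
            break
        head, _, data = chunk.lstrip(b"\r\n").partition(b"\r\n\r\n")
        disp = head.decode("latin-1")                    # only Content-Disposition is needed here
        name = re.search(r'\bname="([^"]*)"', disp)
        fname = re.search(r'filename="([^"]*)"', disp)
        if data.endswith(b"\r\n"):                       # CRLF before the next delimiter is not payload
            data = data[:-2]
        parts.append({"name": name.group(1) if name else "",
                      "filename": fname.group(1) if fname else None, "data": data})
    return parts


@dataclass
class Triage:
    filename: Optional[str]
    build: Dict[str, str]          # Build.* key/value dump at the top of the crash file
    exceptions: List[str]          # exception classes in the order the chain lists them
    frames: int                    # number of "at ..." stack frames
    flags: List[str] = field(default_factory=list)

    @property
    def root_cause(self) -> Optional[str]:
        return self.exceptions[-1] if self.exceptions else None   # the last "Caused by" is the innermost

    @property
    def is_crash_report(self) -> bool:
        # A device fingerprint plus a real exception chain is what a crash reporter sends;
        # a scanner payload hiding behind a .txt filename has neither.
        return "FINGERPRINT" in self.build and self.frames >= 3 and bool(self.exceptions)


def flag_upload(build: Dict[str, str], filename: Optional[str]) -> List[str]:
    """Things worth a second look even when the body is a genuine crash report."""
    flags = []
    if build.get("IS_DEBUGGABLE") == "true":
        flags.append("debuggable build")
    if "test-keys" in build.get("TAGS", "") or build.get("FINGERPRINT", "").endswith("test-keys"):
        flags.append("test-keys signing")
    if filename and ("/" in filename or "\\" in filename or ".." in filename):
        flags.append("path characters in filename")
    if filename and not filename.lower().endswith((".txt", ".log")):
        flags.append("unexpected upload extension")
    return flags


def triage(body: bytes) -> Triage:
    """Parse the body, pick the file part and summarise what it contains."""
    parts = parse_multipart(body, guess_boundary(body))
    upload = next((p for p in parts if p["filename"]), None)
    if upload is None:
        raise ValueError("no file part in body")
    text = upload["data"].decode("utf-8", errors="replace").replace("\r\n", "\n")
    result = Triage(upload["filename"], dict(KV_RE.findall(text)),
                    EXC_RE.findall(text), len(FRAME_RE.findall(text)))
    result.flags = flag_upload(result.build, result.filename)
    return result
```

On the sample, triage(SAMPLE_BODY) comes back as a crash report whose root cause is java.net.SocketTimeoutException, which matches the timeout reading given above. The two flags it still raises, a debuggable build and a test-keys fingerprint on a device in production, are worth a line in the note to the customer even though the upload itself is not an attack.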

Side notes

ThreatBook (微步)

The situational-awareness platform really is sip, no way, for real?

DingTalk (钉钉)

Not a single IP posted in the relevant exercise groups matched anything in the logs, so my side should be fine, right?