一个探针足矣毁掉一台服务器
探针,可以实时查看服务器硬盘资源、内存占用、网卡流量、系统负载、服务器时间等信息,还能进行服务器性能测试。深受各种站长的喜爱,我也不例外…… 也许很多站长也和我一样,喜欢在自己的网站上放个探针,有事无事观察观察自己的环境,亦或者公开给大家观
探针,可以实时查看服务器硬盘资源、内存占用、网卡流量、系统负载、服务器时间等信息,还能进行服务器性能测试。深受各种站长的喜爱,我也不例外……
也许很多站长也和我一样,喜欢在自己的网站上放个探针,有事无事观察观察自己的环境,亦或者公开给大家观赏。
不过,今天我要告诉大家,这是极度危险的一件事情,那个小小的探针可能就成为KO你服务器的凶手(我不是指探针透露的环境信息)!
就以雅黑探针为例吧。玩了那么多年探针,我们应该知道,探针最耗资源的一项就是浮点运算能力检测了,这需要占用大量的CPU去进行运算,点一次,可能占用的资源不太多,但是,如果你连续点击多次的话……
上图是我连续点了“浮点测试”多次后的结果,我的CPU是I3 2120,可以看出,CPU占用已经到达了100%,而且这时网站也无法正常访问了。直到浮点运算结果出来后,才能正常加载。
这只是人手点击而已,如果用按键精灵的话,恐怕情况更糟糕!
我们再来做一个测试,首先保存以下代码为PHP文件:
<?php function test_float()
{
//得到圆周率值
$t = pi();
$timeStart = gettimeofday();
for($i = 0; $i < 3000000; $i++)
{
//开平方
sqrt($t);
}
$timeEnd = gettimeofday();
$time = ($timeEnd["usec"]-$timeStart["usec"])/1000000+$timeEnd["sec"]-$timeStart["sec"];
$time = round($time, 3)."秒";
return $time;
}
if ($_GET['act'] == "float")
{
$valFloat = test_float();
echo($valFloat);
exit();
}
else
{
echo("Hello world");
}
?>我保存为float.php,那么我访问http://域名/float.php?act=float就会进行float运算。
接下来,我使用某个工具,对float.php?act=float进行连续30秒,每秒钟3000次的GET请求,看看效果如何!
在进行GET请求后,系统平均负载立刻上升,到30/446后,完全定格住了,也就说已经无法正常对网站进行POST或者GET东西了。按F5刷新,网站长久未响应。而且此时,我的系统已经有明显的卡顿感。
连续的GET请求过去了一段时间,但是CPU占用还是保持100%不变,而且网站也仍然未响应,可以看出,CPU还有一大堆的浮点运算还没结束!由于我使用了varnish做前端,因此使用free -m看使用的内存,只有几百MB。
经过上面的测试,我们可以发现,这是一个效果非常明显的攻击,攻击者不需要太多肉鸡,也不需要大带宽,即可干死一台大内存的服务器!而且目前很多网站都是直接跑Apache的,那东西非常耗内存,加上高的CPU占用率,死的更快……
因此,各位站长们,为了你们的服务器的稳定,赶快把探针给撤掉吧……
原文地址:一个探针足矣毁掉一台服务器, 感谢原作者分享。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Check out the steps to delete a logged-in device on Douyin
Mar 26, 2024 am 09:01 AM
1. First, click to open the Douyin app and click [Me]. 2. Click the three-dot icon in the upper right corner. 3. Click to enter [Settings]. 4. Click to open [Account and Security]. 5. Select and click [Log in to device management]. 6. Finally, click to select the device and click [Remove].
How to configure Dnsmasq as a DHCP relay server
Mar 21, 2024 am 08:50 AM
The role of a DHCP relay is to forward received DHCP packets to another DHCP server on the network, even if the two servers are on different subnets. By using a DHCP relay, you can deploy a centralized DHCP server in the network center and use it to dynamically assign IP addresses to all network subnets/VLANs. Dnsmasq is a commonly used DNS and DHCP protocol server that can be configured as a DHCP relay server to help manage dynamic host configurations in the network. In this article, we will show you how to configure dnsmasq as a DHCP relay server. Content Topics: Network Topology Configuring Static IP Addresses on a DHCP Relay D on a Centralized DHCP Server
How to check your own ID on Xianyu_Introduction to how to check your personal nickname on Xianyu
Mar 22, 2024 am 08:21 AM
As a trading platform, Xianyu requires you to register and log in to your account before using it. Users can set an ID name for their account. What if they want to check what their ID is? Let’s find out together below! Introduction to how to view personal nicknames on Xianyu. First, start the Xianyu app. After entering the homepage, switch to the page of selling idle, messages, and me, and click the [My] option in the lower right corner. 2. Then on my page we need to click [Avatar] in the upper left corner; 2. Then when we go to the personal homepage page we can see different information, we need to click the [Edit Information] button here; 4. Finally click We can see it later on the page where we edit information;
Where to check music rankings on NetEase Cloud Music_How to check music rankings on NetEase Cloud Music
Mar 25, 2024 am 11:40 AM
1. After turning on the phone, select NetEase Cloud Music. 2. After entering the homepage, you can see the [Ranking List] and click to enter. 3. In the ranking list, you can select any list and click [New Song List]. 4. Select your favorite song and click on it. 5. Return to the previous page to see more lists.
How to check how many groups you have joined on WeChat: a simple step
Mar 26, 2024 am 10:06 AM
Regardless of life or work, many people have long been deeply tied to WeChat and will be pulled into various groups at any time. So how many WeChat groups have you joined? You may immediately want to view the group chats in your address book, but only the WeChat groups you have saved in your address book will appear there, and other groups will not be visible. If you want to see all the WeChat groups you have joined, it is very simple: enter your nickname in the search box on the WeChat homepage, then find the group chat section in the search results, and click "More Group Chats" to view all related group chat information. Anyway, I was shocked. There were more than a hundred of them, and the scroll bar on the right became very small. Unfortunately, there is no specific number statistics... This method is also applicable to checking the QQ groups you have joined. PS: Some netizens also provided a trick:
How to install PHP FFmpeg extension on server?
Mar 28, 2024 pm 02:39 PM
How to install PHPFFmpeg extension on server? Installing the PHPFFmpeg extension on the server can help us process audio and video files in PHP projects and implement functions such as encoding, decoding, editing, and processing of audio and video files. This article will introduce how to install the PHPFFmpeg extension on the server, as well as specific code examples. First, we need to ensure that PHP and FFmpeg are installed on the server. If FFmpeg is not installed, you can follow the steps below to install FFmpe
How to view the hot list of Kuaishou Live Companion videos
Mar 29, 2024 pm 08:09 PM
Kuaishou Live Companion is not only a powerful live broadcast auxiliary tool, but also a real-time insight platform for hot topics and trends created for broadcasters. Through this function, anchors can quickly capture the content that audiences are most concerned about, and then adjust the live content to make it more in line with the audience's tastes and interests. So how to check the hot video list in the Kuaishou Live Companion app? This tutorial guide will provide you with a detailed introduction to the steps. I hope it can help you. How to view the hot video list on Kuaishou Live Companion? The second step is to click on the daily video hot list. The third step is to check the daily video hot list.
How to view the Amap Help Center_How to view the Amap Help Center
Apr 01, 2024 pm 05:26 PM
1. We first open the Gaode map. 2. Then click (My) in the lower right corner of the Amap homepage and then click Settings in the upper right corner. 3. Finally, you can see the help center of Amap.
