x.x.x.x - - [10/Nov/2024:00:02:37 +0000] "GET / HTTP/1.1" 301 162 "-" "okhttp/4.9.0"
You know whatโs interesting about this log line? It repeats 56,686,963 times in www.kernel.org logs for yesterday, across 4 nodes. Thatโs about 700 times a second, and this has been going on for months.
These requests arenโt intentionally malicious โ they issue a simple GET /
, receive their 301 redirect, and terminate the connection. From what I can tell, this is some kind of appliance or software installed on mobile clients that uses โcan I reach www.kernel.orgโ as a network test.
This wouldnโt be that big of a deal โ a single plaintext โGET /โ that triggers an immediate 301 is very cheap for us to generate, but the number of these requests has been steadily growing.
If you have any idea what this is and how to make it stop, please reach out?
Not now honey. Daddy's checking to see if anyone liked the stupid joke he posted on the internet.