現在機器出現大量封包,狂送封包,這是什麼狀況呢?
因為我看access_log和error_log都沒有底下狀況的紀錄,目前毫無頭緒只能用防火牆
拒絕掉86.55.10.153。
Apache版本資訊:Apache/2.0.48 (Unix) PHP/5.0.0b2 mod_ssl/2.0.48 OpenSSL/0.9.7c
謝謝
trafshow資訊
From Address To Address Prot Bytes CPS
================================================================================
192.168.1.1..80 86.55.10.153..35383 tcp 180 12
192.168.1.1..80 86.55.10.153..77 tcp 180 12
192.168.1.1..80 86.55.10.153..7825 tcp 180 12
192.168.1.1..80 86.55.10.153..26482 tcp 180 12
192.168.1.1..80 86.55.10.153..50840 tcp 180 12
192.168.1.1..80 86.55.10.153..25687 tcp 180 12
192.168.1.1..80 86.55.10.153..9313 tcp 180 12
192.168.1.1..80 86.55.10.153..33015 tcp 180 12
tcpdump資訊
00:59:39.436480 192.168.1.1.80 > 86.55.10.153.61596: S 1572964558:1572964558(
0) ack 2827230981 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881428 1
1978045> (DF)
00:59:39.506450 192.168.1.1.80 > 86.55.10.153.37257: S 3566720318:3566720318(
0) ack 4145128809 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881435 2
924866> (DF)
00:59:39.561799 86.55.10.153.19915 > 192.168.1.1.80: S 223885850:223885850(0)
win 32120 <mss 1460,sackOK,timestamp 12540770 671088640,nop,wscale 0> (DF)
00:59:39.561839 192.168.1.1.80 > 86.55.10.153.19915: S 609030470:609030470(0)
ack 223885851 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 340881440
1254
0770> (DF)
00:59:39.576448 192.168.1.1.80 > 86.55.10.153.18515: S 3803899334:3803899334(
0) ack 1759096373 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881442 1
1578744> (DF)
--
因為我看access_log和error_log都沒有底下狀況的紀錄,目前毫無頭緒只能用防火牆
拒絕掉86.55.10.153。
Apache版本資訊:Apache/2.0.48 (Unix) PHP/5.0.0b2 mod_ssl/2.0.48 OpenSSL/0.9.7c
謝謝
trafshow資訊
From Address To Address Prot Bytes CPS
================================================================================
192.168.1.1..80 86.55.10.153..35383 tcp 180 12
192.168.1.1..80 86.55.10.153..77 tcp 180 12
192.168.1.1..80 86.55.10.153..7825 tcp 180 12
192.168.1.1..80 86.55.10.153..26482 tcp 180 12
192.168.1.1..80 86.55.10.153..50840 tcp 180 12
192.168.1.1..80 86.55.10.153..25687 tcp 180 12
192.168.1.1..80 86.55.10.153..9313 tcp 180 12
192.168.1.1..80 86.55.10.153..33015 tcp 180 12
tcpdump資訊
00:59:39.436480 192.168.1.1.80 > 86.55.10.153.61596: S 1572964558:1572964558(
0) ack 2827230981 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881428 1
1978045> (DF)
00:59:39.506450 192.168.1.1.80 > 86.55.10.153.37257: S 3566720318:3566720318(
0) ack 4145128809 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881435 2
924866> (DF)
00:59:39.561799 86.55.10.153.19915 > 192.168.1.1.80: S 223885850:223885850(0)
win 32120 <mss 1460,sackOK,timestamp 12540770 671088640,nop,wscale 0> (DF)
00:59:39.561839 192.168.1.1.80 > 86.55.10.153.19915: S 609030470:609030470(0)
ack 223885851 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 340881440
1254
0770> (DF)
00:59:39.576448 192.168.1.1.80 > 86.55.10.153.18515: S 3803899334:3803899334(
0) ack 1759096373 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881442 1
1578744> (DF)
--
All Comments