Apache大量送出封包,沒有log怎麼辦? - BBS
By Rae
at 2006-08-03T01:11
at 2006-08-03T01:11
Table of Contents
現在機器出現大量封包,狂送封包,這是什麼狀況呢?
因為我看access_log和error_log都沒有底下狀況的紀錄,目前毫無頭緒只能用防火牆
拒絕掉86.55.10.153。
Apache版本資訊:Apache/2.0.48 (Unix) PHP/5.0.0b2 mod_ssl/2.0.48 OpenSSL/0.9.7c
謝謝
trafshow資訊
From Address To Address Prot Bytes CPS
================================================================================
192.168.1.1..80 86.55.10.153..35383 tcp 180 12
192.168.1.1..80 86.55.10.153..77 tcp 180 12
192.168.1.1..80 86.55.10.153..7825 tcp 180 12
192.168.1.1..80 86.55.10.153..26482 tcp 180 12
192.168.1.1..80 86.55.10.153..50840 tcp 180 12
192.168.1.1..80 86.55.10.153..25687 tcp 180 12
192.168.1.1..80 86.55.10.153..9313 tcp 180 12
192.168.1.1..80 86.55.10.153..33015 tcp 180 12
tcpdump資訊
00:59:39.436480 192.168.1.1.80 > 86.55.10.153.61596: S 1572964558:1572964558(
0) ack 2827230981 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881428 1
1978045> (DF)
00:59:39.506450 192.168.1.1.80 > 86.55.10.153.37257: S 3566720318:3566720318(
0) ack 4145128809 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881435 2
924866> (DF)
00:59:39.561799 86.55.10.153.19915 > 192.168.1.1.80: S 223885850:223885850(0)
win 32120 <mss 1460,sackOK,timestamp 12540770 671088640,nop,wscale 0> (DF)
00:59:39.561839 192.168.1.1.80 > 86.55.10.153.19915: S 609030470:609030470(0)
ack 223885851 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 340881440
1254
0770> (DF)
00:59:39.576448 192.168.1.1.80 > 86.55.10.153.18515: S 3803899334:3803899334(
0) ack 1759096373 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881442 1
1578744> (DF)
--
因為我看access_log和error_log都沒有底下狀況的紀錄,目前毫無頭緒只能用防火牆
拒絕掉86.55.10.153。
Apache版本資訊:Apache/2.0.48 (Unix) PHP/5.0.0b2 mod_ssl/2.0.48 OpenSSL/0.9.7c
謝謝
trafshow資訊
From Address To Address Prot Bytes CPS
================================================================================
192.168.1.1..80 86.55.10.153..35383 tcp 180 12
192.168.1.1..80 86.55.10.153..77 tcp 180 12
192.168.1.1..80 86.55.10.153..7825 tcp 180 12
192.168.1.1..80 86.55.10.153..26482 tcp 180 12
192.168.1.1..80 86.55.10.153..50840 tcp 180 12
192.168.1.1..80 86.55.10.153..25687 tcp 180 12
192.168.1.1..80 86.55.10.153..9313 tcp 180 12
192.168.1.1..80 86.55.10.153..33015 tcp 180 12
tcpdump資訊
00:59:39.436480 192.168.1.1.80 > 86.55.10.153.61596: S 1572964558:1572964558(
0) ack 2827230981 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881428 1
1978045> (DF)
00:59:39.506450 192.168.1.1.80 > 86.55.10.153.37257: S 3566720318:3566720318(
0) ack 4145128809 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881435 2
924866> (DF)
00:59:39.561799 86.55.10.153.19915 > 192.168.1.1.80: S 223885850:223885850(0)
win 32120 <mss 1460,sackOK,timestamp 12540770 671088640,nop,wscale 0> (DF)
00:59:39.561839 192.168.1.1.80 > 86.55.10.153.19915: S 609030470:609030470(0)
ack 223885851 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp 340881440
1254
0770> (DF)
00:59:39.576448 192.168.1.1.80 > 86.55.10.153.18515: S 3803899334:3803899334(
0) ack 1759096373 win 57344 <mss 1460,nop,wscale 0,nop,nop,timestamp
340881442 1
1578744> (DF)
--
Tags:
BBS
All Comments
Related Posts
請問如何用sed作指定行插入指定內容
By Ingrid
at 2006-08-01T15:59
at 2006-08-01T15:59
請問make install後的選單出現問題
By Aaliyah
at 2006-08-01T13:34
at 2006-08-01T13:34
請教大家關於帳號移轉的方式
By Sarah
at 2006-08-01T01:22
at 2006-08-01T01:22
請問make install後的選單出現問題
By Emily
at 2006-07-31T15:37
at 2006-07-31T15:37
請問make install後的選單出現問題
By Sandy
at 2006-07-31T15:13
at 2006-07-31T15:13