ufw.log常有IP掃過? - Linux
By Carolina Franco
at 2015-12-07T19:07
at 2015-12-07T19:07
Table of Contents
大家好,小弟菜b巴
有個問題想要請教
小弟雖然用了ubuntu一段時間,但是基本上都當windows再用
頂多ls一下,用cd切個目錄vim打個東西
或是cat看看文件
最近因為某種機會看了sys.log發現裏面真的非常多系統資訊
甚至 /var/log下的每個log都開出來描個幾眼
但其中有個ufw.log(防火牆日誌)
幾乎每分鐘都有
///********************///
Dec 7 19:00:54 ViewBook kernel: [ 1420.965546] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=140.116.194.141 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=119
ID=30863 DF PROTO=TCP SPT=9482 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 7 19:01:14 ViewBook kernel: [ 1440.771120] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=1.168.87.155 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=125
ID=19834 DF PROTO=TCP SPT=13444 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 7 19:01:34 ViewBook kernel: [ 1460.700527] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=1.163.110.4 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=1193
DF PROTO=TCP SPT=11738 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 7 19:01:54 ViewBook kernel: [ 1481.159466] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=110.159.8.247 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=51
ID=24374 DF PROTO=TCP SPT=11346 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
///**************///
這樣子的訊息
小弟爬了一下,爬到的是
那些都是全世界的僵屍網路ping出來的?(居然還有116囧(成大))
這次數也太頻繁了吧......
windows的防火牆日誌也有類似的訊息嗎?
--
有個問題想要請教
小弟雖然用了ubuntu一段時間,但是基本上都當windows再用
頂多ls一下,用cd切個目錄vim打個東西
或是cat看看文件
最近因為某種機會看了sys.log發現裏面真的非常多系統資訊
甚至 /var/log下的每個log都開出來描個幾眼
但其中有個ufw.log(防火牆日誌)
幾乎每分鐘都有
///********************///
Dec 7 19:00:54 ViewBook kernel: [ 1420.965546] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=140.116.194.141 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=119
ID=30863 DF PROTO=TCP SPT=9482 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 7 19:01:14 ViewBook kernel: [ 1440.771120] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=1.168.87.155 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=125
ID=19834 DF PROTO=TCP SPT=13444 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 7 19:01:34 ViewBook kernel: [ 1460.700527] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=1.163.110.4 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=1193
DF PROTO=TCP SPT=11738 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 7 19:01:54 ViewBook kernel: [ 1481.159466] [UFW BLOCK] IN=ppp0 OUT=
MAC= SRC=110.159.8.247 DST=1.165.41.33 LEN=52 TOS=0x00 PREC=0x00 TTL=51
ID=24374 DF PROTO=TCP SPT=11346 DPT=8579 WINDOW=8192 RES=0x00 SYN URGP=0
///**************///
這樣子的訊息
小弟爬了一下,爬到的是
那些都是全世界的僵屍網路ping出來的?(居然還有116囧(成大))
這次數也太頻繁了吧......
windows的防火牆日誌也有類似的訊息嗎?
--
Tags:
Linux
All Comments
By Necoo
at 2015-12-09T13:24
at 2015-12-09T13:24
By Mia
at 2015-12-09T14:58
at 2015-12-09T14:58
By Enid
at 2015-12-13T12:29
at 2015-12-13T12:29
By Oliver
at 2015-12-14T17:06
at 2015-12-14T17:06
By Suhail Hany
at 2015-12-15T12:12
at 2015-12-15T12:12
By Carolina Franco
at 2015-12-17T00:36
at 2015-12-17T00:36
By Lily
at 2015-12-21T07:20
at 2015-12-21T07:20
By Kelly
at 2015-12-24T09:51
at 2015-12-24T09:51
By Brianna
at 2015-12-24T13:19
at 2015-12-24T13:19
By Daph Bay
at 2015-12-27T00:52
at 2015-12-27T00:52
By Charlie
at 2015-12-31T19:51
at 2015-12-31T19:51
By David
at 2016-01-01T14:17
at 2016-01-01T14:17
By Faithe
at 2016-01-06T06:27
at 2016-01-06T06:27
Related Posts
無法進入windows共享資料夾
By Suhail Hany
at 2015-12-06T19:28
at 2015-12-06T19:28
Ubuntu 使用者歷史跟syslog不符合
By Callum
at 2015-12-06T11:28
at 2015-12-06T11:28
VSFTP 530 login incorrec
By Caitlin
at 2015-12-06T08:27
at 2015-12-06T08:27
滑鼠按鍵功能自訂
By Joe
at 2015-12-06T01:21
at 2015-12-06T01:21
百度雲管家與wine
By Lydia
at 2015-12-06T01:15
at 2015-12-06T01:15