Minu masina pihta käib pühapäevast saati mingi rünnak. Tänu sellele on raske päriskasutajatel löögile pääseda. Installisin just portsentry ära ja tegelen selle murega. Ehk saan neist värdjatest lahti. Üldiselt sellega seoses ka küsimus. Ma tegin sellise asja, et tõmbasin apache maha ja hakkasin netcatiga vaatama, et mis värk on. Sissetulev traffic paistab olevat flooditud sellise jamaga:
fm:/etc/apache# nc -lvvp 80
listening on [any] 80 …
125.208.1.101: inverse host lookup failed: Unknown host
connect to [81.20.152.14] from (UNKNOWN) [125.208.1.101] 2746
sent 0, rcvd 0
fm:/etc/apache# nc -lvvp 80
listening on [any] 80 …
58.20.162.162: inverse host lookup failed: Unknown host
connect to [81.20.152.14] from (UNKNOWN) [58.20.162.162] 4147
sent 0, rcvd 0
fm:/etc/apache# nc -lvvp 80
listening on [any] 80 …
125.208.1.102: inverse host lookup failed: Unknown host
connect to [81.20.152.14] from (UNKNOWN) [125.208.1.102] 3855
sent 0, rcvd 0
fm:/etc/apache# nc -lvvp 80
listening on [any] 80 …
58.20.162.162: inverse host lookup failed: Unknown host
connect to [81.20.152.14] from (UNKNOWN) [58.20.162.162] 3269
On kellelgi aimu, mis värk see on ja kuidas neist elajatest lahti saada?
Post a comment