全球主机交流论坛

标题: 我这是被DDOS吗？ [打印本页]

作者: 风之翼灵 时间: 2011-2-6 14:53
标题: 我这是被DDOS吗？
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address             Foreign Address          State
tcp       0    0 vps:http 123.125.68.86:32783       SYN_RECV
tcp       0    0 vps:http 61.155.58.130:15791       SYN_RECV
tcp       0 9343 vps:http 220.163.113.98:29298       ESTABLISHED
tcp       0    0 vps:http 220.181.94.229:47949       TIME_WAIT
tcp       0  92728 vps:http 111.112.174.90:21124       ESTABLISHED
tcp       0  10331 vps:http 220.163.113.98:29328       ESTABLISHED
tcp       0    1 vps:http 220.163.113.98:29206       LAST_ACK
tcp       0    0 vps:http 220.163.113.98:29302       ESTABLISHED
tcp       0  15030 vps:http 220.163.113.98:29334       ESTABLISHED
tcp       0  31088 vps:http 111.112.174.90:21123       ESTABLISHED
tcp       0    0 vps:http 220.163.113.98:29335       ESTABLISHED
tcp       0    0 vps:http 220.163.113.98:29237       ESTABLISHED
tcp       0    0 vps:http 220.181.94.229:45291       TIME_WAIT
tcp       0    1 vps:http 58.45.148.78:ibm-res       FIN_WAIT1
tcp       0 9648 vps:http 111.112.174.90:21102       ESTABLISHED
tcp       0    1 vps:http 220.163.113.98:29211       LAST_ACK
tcp       0    1 vps:http 58.45.148.78:igi-lm       FIN_WAIT1
tcp       0    0 vps:http 111.112.174.90:21103       TIME_WAIT
tcp       0    1 vps:http 220.163.113.98:29208       LAST_ACK
tcp       0    0 vps:http 61.135.249.217:59151       TIME_WAIT
tcp       0    1 vps:http 220.163.113.98:29272       LAST_ACK
tcp       1    1 vps:http 220.163.113.98:29176       LAST_ACK
tcp       0 9009 vps:http 220.163.113.98:29241       ESTABLISHED
tcp       0  11616 vps:http 220.163.113.98:29342       ESTABLISHED
tcp       0    1 vps:http 61.155.58.130:15789       LAST_ACK
tcp       0    1 vps:http 220.163.113.98:29247       LAST_ACK
tcp       0    0 vps:http 220.181.94.229:51073       TIME_WAIT
tcp       0    1 vps:http 220.163.113.98:29183       LAST_ACK
tcp       0  27082 vps:http 220.163.113.98:29340       ESTABLISHED
tcp       0  12513 vps:http 220.163.113.98:29341       ESTABLISHED
tcp       0 4101 vps:http 61.155.58.130:15790       ESTABLISHED
tcp       0    0 vps:http 112.195.126.99:corelccam ESTABLISHED
tcp       0  11606 vps:http 220.163.113.98:29346       ESTABLISHED
tcp       0    0 vps:http 220.181.94.229:61340       TIME_WAIT
tcp       0 1743 vps:http 61.155.58.130:15793       ESTABLISHED
tcp       0    0 vps:http 220.163.113.98:29314       ESTABLISHED
tcp       0    0 vps:http 220.181.94.229:34716       TIME_WAIT
tcp       0  45012 vps:http 220.163.113.98:29347       ESTABLISHED
tcp       0  62436 vps:http 220.163.113.98:29315       ESTABLISHED
tcp       0  20551 vps:http 220.163.113.98:29344       ESTABLISHED
tcp       0    0 vps:http 61.155.58.130:15795       ESTABLISHED
tcp       0  10720 vps:http 111.112.174.90:21076       ESTABLISHED
tcp       0  28697 vps:http 220.163.113.98:29281       ESTABLISHED
tcp       0 274 vps:http 61.155.58.130:15794       ESTABLISHED
tcp       0    0 vps:http 112.195.126.99:4296       ESTABLISHED
tcp       0 9030 vps:http 220.163.113.98:29350       ESTABLISHED
tcp       0  26136 vps:http 220.163.113.98:29351       ESTABLISHED
tcp       0  17152 vps:http 111.112.174.90:21075       ESTABLISHED
tcp       0    0 vps:http 112.195.126.99:4298       ESTABLISHED
tcp       0    0 vps:http 220.181.94.229:37115       TIME_WAIT
tcp       0 5559 vps:http 61.155.58.130:15798       ESTABLISHED
tcp       0    0 vps:http 111.112.174.90:21073       TIME_WAIT
tcp       0  11450 vps:http 220.163.113.98:29354       ESTABLISHED
tcp       0    1 vps:http 220.163.113.98:29195       LAST_ACK
tcp       0  33396 vps:http 220.163.113.98:29288       ESTABLISHED
tcp       0 7813 vps:http 220.163.113.98:29352       ESTABLISHED
tcp       0  13121 vps:http 220.163.113.98:29320       ESTABLISHED
tcp       0  43560 vps:http 220.163.113.98:29225       ESTABLISHED
tcp       0    0 vps:http 220.163.113.98:29353       ESTABLISHED
tcp       0    0 vps:http 220.181.94.229:58615       TIME_WAIT
tcp       0 9527 vps:http 220.163.113.98:29230       ESTABLISHED
tcp       0    0 vps:http 220.163.113.98:29326       ESTABLISHED
tcp       0  26136 vps:http 220.163.113.98:29231       ESTABLISHED
tcp       0  15958 vps:http 220.163.113.98:29263       ESTABLISHED
tcp       0    0 vps:http 220.181.94.229:42514       TIME_WAIT
tcp       0    0 vps:http 220.181.94.229:64210       TIME_WAIT
tcp       0    0 vps:http 220.181.94.229:39763       TIME_WAIT
tcp       0  10520 vps:http 58.45.148.78:timbuktu-srv2  FIN_WAIT1
tcp       0 3288 vpsd:ssh ::ffff:60.160.214.209:49628 ESTABLISHED

220.163.113.98，这个IP怎么这么多？是被DDOS了吗？

作者: domin 时间: 2011-2-6 14:54
有可能. 不过只能算是DOS. 看看日志看都访问的是什么地址.
然后封掉它.

作者: 风之翼灵 时间: 2011-2-6 14:55
220.163.113.98，这个IP打开还居然是个路由器
http://220.163.113.98/login.html

作者: domin 时间: 2011-2-6 14:55
看起来是网吧IP

作者: 风之翼灵 时间: 2011-2-6 14:56
标题: 回复 4# 的帖子
恩，云南昆明的一家网吧的IP，我查了下

我VPS这几天负载非常非常的高

作者: lxfy 时间: 2011-2-6 15:02
风之翼灵？金光的？

作者: cnx 时间: 2011-2-6 15:04
标题: 回复 4# 的帖子
网吧带宽好。
做事方便。

作者: 风之翼灵 时间: 2011-2-6 15:07
标题: 回复 6# 的帖子
YE，说对了

作者: 风之翼灵 时间: 2011-2-6 15:07
标题: 回复 7# 的帖子
靠了，我就云南的，它这IP可以定位到哪条公路哇。

这不是很好找他撒

作者: domin 时间: 2011-2-6 15:09
查询结果

220.163.113.98
云南省昆明市龙泉路杰众休闲吧

作者: 风之翼灵 时间: 2011-2-6 15:12
标题: 回复 10# 的帖子
iptables -I INPUT -s 220.163.113.98 -j DROP
service iptables save

看看效果

欢迎光临全球主机交流论坛 (https://mjj.022333.xyz/)