这是一个创建于 3379 天前的主题,其中的信息可能已经有所发展或是发生改变。
用softether建sstp,监听的端口里有80和443端口。刚才看了一下近几天的server_log(以前一直没看过),发现有很多ip在连接我的80和443端口,还看到了DoS attack
98.126.75.226
31.7.57.198
54.153.1.182
1.163.69.81
5.196.248.85
61.240.144.66
68.168.96.81
54.167.118.244
36.226.118.122
202.49.165.142
85.25.43.94
70.38.54.82
198.20.69.74
125.160.11.66
141.212.122.26
54.64.207.213
1.164.47.57
141.212.122.146
141.212.122.42
1.169.94.41
141.212.122.154
141.212.122.18
198.154.63.131
141.212.122.34
1.163.71.142
以下同城的ip,我某些时候PPPoE获得的ip是同一网段,但不是我的ip
60.16.132.141
60.16.132.253
123.191.12.86
尤其是下面这个123.191.8.122,我怀疑这个是gfw的一部分
2015-02-10 18:24:27.475 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53537. This connection will be forcefully disconnected now.
2015-02-10 18:24:28.534 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53538. This connection will be forcefully disconnected now.
2015-02-10 18:24:29.593 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53539. This connection will be forcefully disconnected now.
2015-02-10 18:24:30.672 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53540. This connection will be forcefully disconnected now.
2015-02-10 18:24:31.691 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53541. This connection will be forcefully disconnected now.
2015-02-10 18:24:32.800 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53542. This connection will be forcefully disconnected now.
2015-02-10 18:24:33.890 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53543. This connection will be forcefully disconnected now.
2015-02-10 18:24:34.929 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53544. This connection will be forcefully disconnected now.
2015-02-10 18:24:35.988 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53545. This connection will be forcefully disconnected now.
2015-02-10 18:24:37.057 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53546. This connection will be forcefully disconnected now.
2015-02-10 18:24:38.115 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53547. This connection will be forcefully disconnected now.
2015-02-10 18:24:39.235 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53548. This connection will be forcefully disconnected now.
2015-02-10 18:24:40.325 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53549. This connection will be forcefully disconnected now.
2015-02-10 18:24:41.344 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53550. This connection will be forcefully disconnected now.
2015-02-10 18:24:42.464 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53551. This connection will be forcefully disconnected now.
2015-02-10 18:24:43.493 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53552. This connection will be forcefully disconnected now.
2015-02-10 18:24:44.573 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53553. This connection will be forcefully disconnected now.
2015-02-10 18:24:45.612 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53554. This connection will be forcefully disconnected now.
2015-02-10 18:24:46.681 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53555. This connection will be forcefully disconnected now.
2015-02-10 18:24:47.740 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53556. This connection will be forcefully disconnected now.
2015-02-10 18:24:48.838 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53557. This connection will be forcefully disconnected now.
2015-02-10 18:24:49.887 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53558. This connection will be forcefully disconnected now.
2015-02-10 18:24:50.987 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53559. This connection will be forcefully disconnected now.
2015-02-10 18:24:52.036 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53560. This connection will be forcefully disconnected now.
2015-02-10 18:24:53.116 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53561. This connection will be forcefully disconnected now.
2015-02-10 18:24:54.175 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53562. This connection will be forcefully disconnected now.
2015-02-10 18:24:55.254 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53563. This connection will be forcefully disconnected now.
2015-02-10 18:24:56.293 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53564. This connection will be forcefully disconnected now.
2015-02-10 18:24:57.362 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53565. This connection will be forcefully disconnected now.
2015-02-10 18:24:58.482 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53566. This connection will be forcefully disconnected now.
2015-02-10 18:24:59.531 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53567. This connection will be forcefully disconnected now.
2015-02-10 18:25:00.580 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53568. This connection will be forcefully disconnected now.
2015-02-10 18:25:01.791 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53569. This connection will be forcefully disconnected now.
2015-02-10 18:25:03.082 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53570. This connection will be forcefully disconnected now.
2015-02-10 18:25:04.171 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53571. This connection will be forcefully disconnected now.
2015-02-10 18:25:05.200 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53572. This connection will be forcefully disconnected now.
2015-02-10 18:25:06.290 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53573. This connection will be forcefully disconnected now.
2015-02-10 18:25:07.370 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53574. This connection will be forcefully disconnected now.
2015-02-10 18:25:08.479 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53575. This connection will be forcefully disconnected now.
2015-02-10 18:25:09.609 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53576. This connection will be forcefully disconnected now.
2015-02-10 18:25:12.746 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53578. This connection will be forcefully disconnected now.
2015-02-10 18:25:13.815 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53579. This connection will be forcefully disconnected now.
2015-02-10 18:25:14.562 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53577. This connection will be forcefully disconnected now.
2015-02-10 18:25:14.884 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53580. This connection will be forcefully disconnected now.
2015-02-10 18:25:16.004 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53581. This connection will be forcefully disconnected now.
2015-02-10 18:25:19.151 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53583. This connection will be forcefully disconnected now.
2015-02-10 18:25:19.998 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53582. This connection will be forcefully disconnected now.
2015-02-10 18:25:20.209 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53584. This connection will be forcefully disconnected now.
2015-02-10 18:25:21.278 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53585. This connection will be forcefully disconnected now.
2015-02-10 18:25:22.348 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53586. This connection will be forcefully disconnected now.
2015-02-10 18:25:23.377 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53588. This connection will be forcefully disconnected now.
2015-02-10 18:25:24.436 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53589. This connection will be forcefully disconnected now.
2015-02-10 18:25:25.525 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53590. This connection will be forcefully disconnected now.
2015-02-10 18:25:26.614 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53591. This connection will be forcefully disconnected now.
2015-02-10 18:25:27.623 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53592. This connection will be forcefully disconnected now.
2015-02-10 18:25:28.652 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53593. This connection will be forcefully disconnected now.
2015-02-10 18:25:29.761 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53594. This connection will be forcefully disconnected now.
顺便也看了一下ufw的log,9号6点到11号0点,1300+个block记录 = =
98.126.75.226
31.7.57.198
54.153.1.182
1.163.69.81
5.196.248.85
61.240.144.66
68.168.96.81
54.167.118.244
36.226.118.122
202.49.165.142
85.25.43.94
70.38.54.82
198.20.69.74
125.160.11.66
141.212.122.26
54.64.207.213
1.164.47.57
141.212.122.146
141.212.122.42
1.169.94.41
141.212.122.154
141.212.122.18
198.154.63.131
141.212.122.34
1.163.71.142
以下同城的ip,我某些时候PPPoE获得的ip是同一网段,但不是我的ip
60.16.132.141
60.16.132.253
123.191.12.86
尤其是下面这个123.191.8.122,我怀疑这个是gfw的一部分
2015-02-10 18:24:27.475 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53537. This connection will be forcefully disconnected now.
2015-02-10 18:24:28.534 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53538. This connection will be forcefully disconnected now.
2015-02-10 18:24:29.593 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53539. This connection will be forcefully disconnected now.
2015-02-10 18:24:30.672 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53540. This connection will be forcefully disconnected now.
2015-02-10 18:24:31.691 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53541. This connection will be forcefully disconnected now.
2015-02-10 18:24:32.800 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53542. This connection will be forcefully disconnected now.
2015-02-10 18:24:33.890 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53543. This connection will be forcefully disconnected now.
2015-02-10 18:24:34.929 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53544. This connection will be forcefully disconnected now.
2015-02-10 18:24:35.988 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53545. This connection will be forcefully disconnected now.
2015-02-10 18:24:37.057 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53546. This connection will be forcefully disconnected now.
2015-02-10 18:24:38.115 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53547. This connection will be forcefully disconnected now.
2015-02-10 18:24:39.235 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53548. This connection will be forcefully disconnected now.
2015-02-10 18:24:40.325 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53549. This connection will be forcefully disconnected now.
2015-02-10 18:24:41.344 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53550. This connection will be forcefully disconnected now.
2015-02-10 18:24:42.464 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53551. This connection will be forcefully disconnected now.
2015-02-10 18:24:43.493 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53552. This connection will be forcefully disconnected now.
2015-02-10 18:24:44.573 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53553. This connection will be forcefully disconnected now.
2015-02-10 18:24:45.612 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53554. This connection will be forcefully disconnected now.
2015-02-10 18:24:46.681 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53555. This connection will be forcefully disconnected now.
2015-02-10 18:24:47.740 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53556. This connection will be forcefully disconnected now.
2015-02-10 18:24:48.838 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53557. This connection will be forcefully disconnected now.
2015-02-10 18:24:49.887 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53558. This connection will be forcefully disconnected now.
2015-02-10 18:24:50.987 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53559. This connection will be forcefully disconnected now.
2015-02-10 18:24:52.036 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53560. This connection will be forcefully disconnected now.
2015-02-10 18:24:53.116 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53561. This connection will be forcefully disconnected now.
2015-02-10 18:24:54.175 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53562. This connection will be forcefully disconnected now.
2015-02-10 18:24:55.254 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53563. This connection will be forcefully disconnected now.
2015-02-10 18:24:56.293 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53564. This connection will be forcefully disconnected now.
2015-02-10 18:24:57.362 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53565. This connection will be forcefully disconnected now.
2015-02-10 18:24:58.482 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53566. This connection will be forcefully disconnected now.
2015-02-10 18:24:59.531 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53567. This connection will be forcefully disconnected now.
2015-02-10 18:25:00.580 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53568. This connection will be forcefully disconnected now.
2015-02-10 18:25:01.791 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53569. This connection will be forcefully disconnected now.
2015-02-10 18:25:03.082 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53570. This connection will be forcefully disconnected now.
2015-02-10 18:25:04.171 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53571. This connection will be forcefully disconnected now.
2015-02-10 18:25:05.200 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53572. This connection will be forcefully disconnected now.
2015-02-10 18:25:06.290 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53573. This connection will be forcefully disconnected now.
2015-02-10 18:25:07.370 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53574. This connection will be forcefully disconnected now.
2015-02-10 18:25:08.479 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53575. This connection will be forcefully disconnected now.
2015-02-10 18:25:09.609 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53576. This connection will be forcefully disconnected now.
2015-02-10 18:25:12.746 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53578. This connection will be forcefully disconnected now.
2015-02-10 18:25:13.815 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53579. This connection will be forcefully disconnected now.
2015-02-10 18:25:14.562 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53577. This connection will be forcefully disconnected now.
2015-02-10 18:25:14.884 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53580. This connection will be forcefully disconnected now.
2015-02-10 18:25:16.004 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53581. This connection will be forcefully disconnected now.
2015-02-10 18:25:19.151 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53583. This connection will be forcefully disconnected now.
2015-02-10 18:25:19.998 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53582. This connection will be forcefully disconnected now.
2015-02-10 18:25:20.209 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53584. This connection will be forcefully disconnected now.
2015-02-10 18:25:21.278 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53585. This connection will be forcefully disconnected now.
2015-02-10 18:25:22.348 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53586. This connection will be forcefully disconnected now.
2015-02-10 18:25:23.377 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53588. This connection will be forcefully disconnected now.
2015-02-10 18:25:24.436 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53589. This connection will be forcefully disconnected now.
2015-02-10 18:25:25.525 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53590. This connection will be forcefully disconnected now.
2015-02-10 18:25:26.614 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53591. This connection will be forcefully disconnected now.
2015-02-10 18:25:27.623 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53592. This connection will be forcefully disconnected now.
2015-02-10 18:25:28.652 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53593. This connection will be forcefully disconnected now.
2015-02-10 18:25:29.761 A DoS attack on the TCP Listener (port 80) has been detected. The connecting source IP address is 123.191.8.122, port number is 53594. This connection will be forcefully disconnected now.
顺便也看了一下ufw的log,9号6点到11号0点,1300+个block记录 = =
1 条回复 • 2015-02-11 09:37:35 +08:00
 |
1
heaton_nobu 2015-02-11 09:37:35 +08:00
这是肯定的~
|
Select Language