|
|
网吧内上座率不高 但是网络超卡 20M 带宽 103台机器
服务器 linux 用 tcpdump -i eth0检查发现
17:36:32.861994 61.178.92.43.27016 > 222.90.79.142.27005: udp 123
17:36:32.862043 222.90.79.142.32817 > 218.30.19.40.domain: 26362+ PTR? 230.10.115.125.in-addr.arpa. (45) (DF)
17:36:32.862097 222.90.79.142.3763 > 121.14.87.84.3724: P 2497494643:2497494678(35) ack 1349014931 win 65498 (DF)
17:36:32.862219 222.90.79.142.1967 > 61.130.109.20.http: . ack 2464792935 win 65535 (DF)
17:36:37.826463 222.90.79.142.32817 > 218.30.19.40.domain: 26363+ PTR? 37.1.44.58.in-addr.arpa. (41) (DF)
17:36:42.667507 218.30.19.40.domain > 222.90.79.142.4199: 42014 1/4/4 A[|domain] (DF)
17:36:42.667608 222.90.79.142.2316 > 61.185.80.146.1885: udp 58
17:36:42.667712 222.90.79.142.32817 > 218.30.19.40.domain: 26364+ PTR? 222.127.150.61.in-addr.arpa. (45) (DF)
17:36:42.668131 222.92.71.19.20077 > 222.90.79.142.2938: . 153191854:153193314(1460) ack 4264245086 win 16423 (DF)
17:36:42.668494 222.90.79.142.50938 > 218.30.19.40.domain: 14510+ A? mcfg.sandai.net. (33)
17:36:42.668880
608365 packets received by filter
608213 packets dropped by kernel
请问是不是有外网攻击啊? |
|
发表于 2008-4-22 17:42:36