netstat的:
ubuntu@ip-172-31-60-232:/$ netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 187 ip-172-31-60-232.:51044 unknown.prolexic.c:http ESTABLISHED
tcp 0 187 ip-172-31-60-232.:51045 unknown.prolexic.c:http ESTABLISHED
tcp 0 0 ip-172-31-60-232.ec:ssh rrcs-71-43-133-18:50725 ESTABLISHED
tcp 0 187 ip-172-31-60-232.:51048 unknown.prolexic.c:http ESTABLISHED
tcp 0 187 ip-172-31-60-232.:51046 unknown.prolexic.c:http ESTABLISHED
tcp 0 187 ip-172-31-60-232.:51047 unknown.prolexic.c:http ESTABLISHED
tcp 0 187 ip-172-31-60-232.:51050 unknown.prolexic.c:http ESTABLISHED
tcp 0 187 ip-172-31-60-232.:51049 unknown.prolexic.c:http ESTABLISHED
tcp 0 187 ip-172-31-60-232.:51043 unknown.prolexic.c:http ESTABLISHED
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:45931 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:43103 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:46224 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:51975 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:45529 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:52326 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:46529 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:35851 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:42878 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:44822 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:45080 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:51681 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.199-s:54884 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.8.68.54-stati:53652 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:51548 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.8.68.54-stati:39783 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.199-s:58173 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:45439 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.199-s:55093 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:46086 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:46085 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.199-s:35563 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:45901 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:45727 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.199-s:52116 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.196-s:46065 CLOSE_WAIT
tcp6 0 0 ip-172-31-60-232.e:http 159.122.120.199-s:45937 CLOSE_WAIT
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ] DGRAM 8617 /var/spool/postfix/dev/log
unix 9 [ ] DGRAM 8615 /dev/log
unix 3 [ ] STREAM CONNECTED 101130 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 101043 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9394
unix 3 [ ] STREAM CONNECTED 100999 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9448
unix 3 [ ] STREAM CONNECTED 101072 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9409
unix 3 [ ] STREAM CONNECTED 100993 /var/run/mysqld/mysqld.sock
unix 2 [ ] DGRAM 8862
unix 3 [ ] STREAM CONNECTED 101134
unix 3 [ ] STREAM CONNECTED 101083
unix 3 [ ] STREAM CONNECTED 101054 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9450
unix 3 [ ] STREAM CONNECTED 8571
unix 3 [ ] STREAM CONNECTED 101000
unix 2 [ ] DGRAM 35035
unix 3 [ ] STREAM CONNECTED 9436
unix 3 [ ] STREAM CONNECTED 101112 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 7997
unix 3 [ ] STREAM CONNECTED 9385
unix 3 [ ] STREAM CONNECTED 9438
unix 3 [ ] STREAM CONNECTED 9387
unix 3 [ ] STREAM CONNECTED 101049 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9442
unix 3 [ ] STREAM CONNECTED 9414
unix 3 [ ] STREAM CONNECTED 13189
unix 3 [ ] STREAM CONNECTED 9457
unix 3 [ ] STREAM CONNECTED 9453
unix 3 [ ] STREAM CONNECTED 9405
unix 3 [ ] STREAM CONNECTED 100996
unix 3 [ ] STREAM CONNECTED 9444
unix 3 [ ] STREAM CONNECTED 9396
unix 3 [ ] STREAM CONNECTED 8519
unix 3 [ ] STREAM CONNECTED 101117
unix 3 [ ] DGRAM 7633
unix 3 [ ] STREAM CONNECTED 101001 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9375
unix 3 [ ] STREAM CONNECTED 101111
unix 3 [ ] STREAM CONNECTED 9412
unix 3 [ ] STREAM CONNECTED 9430
unix 3 [ ] STREAM CONNECTED 101129
unix 3 [ ] STREAM CONNECTED 101045 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9432
unix 3 [ ] STREAM CONNECTED 7593 @/com/ubuntu/upstart
unix 3 [ ] STREAM CONNECTED 100997 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9415
unix 3 [ ] STREAM CONNECTED 100995 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 100986
unix 3 [ ] STREAM CONNECTED 13190
unix 3 [ ] STREAM CONNECTED 101113
unix 3 [ ] STREAM CONNECTED 9374
unix 3 [ ] STREAM CONNECTED 101046
unix 3 [ ] STREAM CONNECTED 9371
unix 3 [ ] STREAM CONNECTED 101115
unix 3 [ ] STREAM CONNECTED 8639
unix 3 [ ] STREAM CONNECTED 9418
unix 3 [ ] STREAM CONNECTED 9370
unix 2 [ ] DGRAM 8619
unix 3 [ ] STREAM CONNECTED 9420
unix 3 [ ] STREAM CONNECTED 101108 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 101071
unix 3 [ ] STREAM CONNECTED 101062 /var/run/mysqld/mysqld.sock
unix 3 [ ] DGRAM 7634
unix 3 [ ] STREAM CONNECTED 101135 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 101119
unix 3 [ ] STREAM CONNECTED 9377
unix 3 [ ] STREAM CONNECTED 9426
unix 3 [ ] STREAM CONNECTED 9424
unix 3 [ ] STREAM CONNECTED 101044
unix 3 [ ] STREAM CONNECTED 9445
unix 3 [ ] STREAM CONNECTED 8567
unix 3 [ ] STREAM CONNECTED 9378
unix 3 [ ] STREAM CONNECTED 100987 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 101120 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9447
unix 3 [ ] STREAM CONNECTED 100994
unix 3 [ ] STREAM CONNECTED 9451
unix 3 [ ] STREAM CONNECTED 8572 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 101084 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9381
unix 3 [ ] STREAM CONNECTED 9403
unix 3 [ ] STREAM CONNECTED 101048
unix 3 [ ] STREAM CONNECTED 9391
unix 3 [ ] STREAM CONNECTED 100998
unix 3 [ ] STREAM CONNECTED 101068 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9382
unix 3 [ ] STREAM CONNECTED 101078 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 13197 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 8008 @/com/ubuntu/upstart
unix 3 [ ] STREAM CONNECTED 100990
unix 3 [ ] STREAM CONNECTED 9411
unix 3 [ ] STREAM CONNECTED 9384
unix 2 [ ] DGRAM 9468
unix 3 [ ] STREAM CONNECTED 101109
unix 2 [ ] DGRAM 9463
unix 3 [ ] STREAM CONNECTED 9439
unix 3 [ ] STREAM CONNECTED 8640 /var/run/dbus/system_bus_socket
unix 3 [ ] STREAM CONNECTED 9406
unix 3 [ ] STREAM CONNECTED 100989 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9441
unix 3 [ ] STREAM CONNECTED 9400
unix 3 [ ] STREAM CONNECTED 8568
unix 3 [ ] STREAM CONNECTED 9456
unix 3 [ ] STREAM CONNECTED 9388
unix 3 [ ] STREAM CONNECTED 9408
unix 3 [ ] STREAM CONNECTED 101047 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 101110 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9454
unix 3 [ ] STREAM CONNECTED 9390
unix 3 [ ] STREAM CONNECTED 9402
unix 3 [ ] STREAM CONNECTED 9397
unix 3 [ ] STREAM CONNECTED 9367
unix 3 [ ] STREAM CONNECTED 101107
unix 3 [ ] STREAM CONNECTED 9427
unix 3 [ ] STREAM CONNECTED 100988
unix 3 [ ] STREAM CONNECTED 101077
unix 3 [ ] STREAM CONNECTED 9429
unix 3 [ ] STREAM CONNECTED 101114 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 101042
unix 2 [ ] DGRAM 12906
unix 3 [ ] STREAM CONNECTED 13196
unix 3 [ ] STREAM CONNECTED 9435
unix 3 [ ] STREAM CONNECTED 9433
unix 3 [ ] STREAM CONNECTED 101067
unix 2 [ ] DGRAM 9344
unix 3 [ ] STREAM CONNECTED 7582
unix 3 [ ] STREAM CONNECTED 101118 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9417
unix 3 [ ] STREAM CONNECTED 101053
unix 3 [ ] STREAM CONNECTED 8545 @/com/ubuntu/upstart
unix 3 [ ] STREAM CONNECTED 9421
unix 3 [ ] STREAM CONNECTED 9399
unix 3 [ ] STREAM CONNECTED 100991 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9393
unix 3 [ ] STREAM CONNECTED 101061
unix 3 [ ] STREAM CONNECTED 9423
unix 3 [ ] STREAM CONNECTED 100992
unix 3 [ ] STREAM CONNECTED 101116 /var/run/mysqld/mysqld.sock
unix 3 [ ] STREAM CONNECTED 9368
ubuntu@ip-172-31-60-232:/$
我相信某人正在使用我的服务器
我认为IP 159.122.120.196是罪魁祸首,但我不完全确定。我的服务器现在重新开启了。这不是我的专业领域,所以你能给我的任何指导都将不胜感激。
答案 0 :(得分:0)
今天晚上我从同一个IP获得了恶意流量,足以让我的服务器内核惊慌失措。就我而言,它是每秒多次在Wordpress站点上点击xmlrpc.php的三个IP之一。我用iptables放弃了流量 - 重新开始营业。
如果您的问题是“159.122.120.199是一个糟糕的演员IP地址?”,答案似乎是肯定的。