
What type of scan or attack is this?

  •   aiwha · Feb 8, 2015 · 3147 views

    17:39:51.699395 IP 60.169.78.195.77 > 223.151.171.122.9064: Flags [S], seq 0, win 16384, length 0
    17:39:51.699600 IP 223.151.171.122.9064 > 60.169.78.195.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:39:59.597065 IP 222.186.56.153.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:39:59.597259 IP 223.151.171.122.9000 > 222.186.56.153.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:40:12.094916 IP 222.186.21.108.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:40:12.095126 IP 223.151.171.122.9000 > 222.186.21.108.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:40:17.805986 IP 60.173.11.130.6000 > 223.151.171.122.8118: Flags [S], seq 1942618112, win 16384, length 0
    17:40:17.806194 IP 223.151.171.122.8118 > 60.173.11.130.6000: Flags [R.], seq 0, ack 1942618113, win 0, length 0
    17:40:18.383223 IP 222.186.56.153.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:40:18.383395 IP 223.151.171.122.9000 > 222.186.56.153.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:40:23.543628 IP 222.186.21.108.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:40:23.543833 IP 223.151.171.122.9000 > 222.186.21.108.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:40:29.908367 IP 222.186.21.108.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:40:29.908566 IP 223.151.171.122.9000 > 222.186.21.108.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:40:40.417706 IP 222.186.21.108.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:40:40.417905 IP 223.151.171.122.9000 > 222.186.21.108.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:40:49.944221 IP 222.186.21.108.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:40:49.944430 IP 223.151.171.122.9000 > 222.186.21.108.77: Flags [R.], seq 0, ack 1, win 0, length 0
    17:40:50.123528 IP 222.186.34.81.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
    17:40:50.123683 IP 223.151.171.122.9000 > 222.186.34.81.77: Flags [R.], seq 0, ack 1, win 0, length 0

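    Very regular: it sends an S (win 16384) and I reply with an R. My IP is 223.151.171.122, while there are multiple IPs on the other side.

    I found this by capturing packets on the PPPoE interface of my router, and I have already ruled out the possibility that a host on the internal network is sending packets outward.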

    kliy · #1 · Feb 8, 2015
    TCPDUMP?
    aiwha (OP) · #2 · Feb 8, 2015
    Oh, I see now. They are probably trying to connect to specific ports of mine, but my iptables reset them...
    aiwha (OP) · #3 · Feb 8, 2015
    @kliy Yes, on OpenWrt the only ready-made package seems to be tcpdump; Snort, which I prefer, I would have to cross-compile myself....
    laoyuan · #4 · Feb 8, 2015
    Seems like writing an artificial intelligence to take over the Internet..
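
The pattern discussed in the thread (an inbound SYN answered by a RST from 223.151.171.122) can be tallied per remote endpoint and local port. This is an added example, not code posted by anyone in the thread; the function names `summarize` and `refused_ports` are made up for illustration, and the sample lines are copied from the capture in the original post.

```python
import re
from collections import Counter

# Text-mode tcpdump line: "<time> IP <src>.<sport> > <dst>.<dport>: Flags [<flags>], ..."
LINE = re.compile(
    r"^\d\d:\d\d:\d\d\.\d+ IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

# Eight lines copied from the capture in the post.
SAMPLE = """\
17:39:51.699395 IP 60.169.78.195.77 > 223.151.171.122.9064: Flags [S], seq 0, win 16384, length 0
17:39:51.699600 IP 223.151.171.122.9064 > 60.169.78.195.77: Flags [R.], seq 0, ack 1, win 0, length 0
17:39:59.597065 IP 222.186.56.153.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
17:39:59.597259 IP 223.151.171.122.9000 > 222.186.56.153.77: Flags [R.], seq 0, ack 1, win 0, length 0
17:40:17.805986 IP 60.173.11.130.6000 > 223.151.171.122.8118: Flags [S], seq 1942618112, win 16384, length 0
17:40:17.806194 IP 223.151.171.122.8118 > 60.173.11.130.6000: Flags [R.], seq 0, ack 1942618113, win 0, length 0
17:40:18.383223 IP 222.186.56.153.77 > 223.151.171.122.9000: Flags [S], seq 0, win 16384, length 0
17:40:18.383395 IP 223.151.171.122.9000 > 222.186.56.153.77: Flags [R.], seq 0, ack 1, win 0, length 0
"""

def summarize(text, local_ip):
    """Map (remote_ip, remote_port, local_port) -> (SYNs received, RSTs sent back)."""
    syn, rst, waiting = Counter(), Counter(), Counter()
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not a TCP/IPv4 line in the expected format
        if m["dst"] == local_ip and m["flags"] == "S":
            key = (m["src"], int(m["sport"]), int(m["dport"]))
            syn[key] += 1
            waiting[key] += 1
        elif m["src"] == local_ip and "R" in m["flags"]:
            key = (m["dst"], int(m["dport"]), int(m["sport"]))
            if waiting[key] > 0:  # pair the reset with an earlier SYN
                waiting[key] -= 1
                rst[key] += 1
    return {k: (syn[k], rst[k]) for k in syn}

def refused_ports(summary):
    """Local ports where every inbound SYN was answered with a reset."""
    by_port = {}
    for (_, _, port), (s, r) in summary.items():
        by_port[port] = by_port.get(port, True) and s == r
    return sorted(p for p, all_reset in by_port.items() if all_reset)

if __name__ == "__main__":
    for key, counts in sorted(summarize(SAMPLE, "223.151.171.122").items()):
        print(key, counts)
```

A local port missing from `refused_ports` while present in the summary would mean at least one SYN to it was not reset, which is the case worth looking at on the router.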