被攻击了!~~
被攻击了,对方是213.154.126.70
用marian用户登陆到我的机器上,
[root@ns root]# who
root tty1 Apr 3 11:35
marian pts/3 Apr 3 12:40 (213.154.126.70)
我用wall 给他发消息,他应该收到的吧?
ls命令不好用了
[root@ns root]# ls
Segmentation fault
这位老兄拼命发SYN_SENT给我:
tcp 0 1 172.16.2.4:35252 63.90.129.231:443 SYN_SENT
tcp 0 1 172.16.2.4:35509 63.90.130.231:443 SYN_SENT
tcp 0 1 172.16.2.4:35737 63.90.131.167:443 SYN_SENT
tcp 0 1 172.16.2.4:35658 63.90.131.88:443 SYN_SENT
tcp 0 1 172.16.2.4:35558 63.90.131.25:443 SYN_SENT
tcp 0 1 172.16.2.4:35304 63.90.130.27:443 SYN_SENT
tcp 0 1 172.16.2.4:35188 63.90.129.167:443 SYN_SENT
tcp 0 1 172.16.2.4:35445 63.90.130.167:443 SYN_SENT
tcp 0 1 172.16.2.4:35624 64.175.14.75:80 SYN_SENT
tcp 0 1 172.16.2.4:35365 63.90.130.87:443 SYN_SENT
tcp 0 1 172.16.2.4:35253 63.90.129.232:443 SYN_SENT
tcp 0 1 172.16.2.4:35510 63.90.130.232:443 SYN_SENT
tcp 0 1 172.16.2.4:35738 63.90.131.168:443 SYN_SENT
tcp 0 1 172.16.2.4:35657 63.90.131.87:443 SYN_SENT
tcp 0 1 172.16.2.4:35555 63.90.131.22:443 SYN_SENT
tcp 0 1 172.16.2.4:35296 63.90.130.20:443 SYN_SENT
tcp 0 1 172.16.2.4:35189 63.90.129.168:443 SYN_SENT
tcp 0 1 172.16.2.4:35446 63.90.130.168:443 SYN_SENT
tcp 0 1 172.16.2.4:48069 213.154.73.108:443 SYN_SENT
tcp 0 1 172.16.2.4:35364 63.90.130.86:443 SYN_SENT
tcp 0 1 172.16.2.4:35254 63.90.129.233:443 SYN_SENT
tcp 0 1 172.16.2.4:35511 63.90.130.233:443 SYN_SENT
tcp 0 1 172.16.2.4:35739 63.90.131.169:443 SYN_SENT
tcp 0 1 172.16.2.4:35656 63.90.131.86:443 SYN_SENT
tcp 0 1 172.16.2.4:35297 63.90.130.21:443 SYN_SENT
tcp 0 1 172.16.2.4:35556 63.90.131.23:443 SYN_SENT
tcp 0 1 172.16.2.4:35190 63.90.129.169:443 SYN_SENT
tcp 0 1 172.16.2.4:35447 63.90.130.169:443 SYN_SENT
tcp 0 1 172.16.2.4:35639 64.175.174.218:80 SYN_SENT
tcp 0 1 172.16.2.4:35363 63.90.130.85:443 SYN_SENT
tcp 0 0 172.16.2.4:33102 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35617 64.175.138.2:80 SYN_SENT
tcp 0 1 172.16.2.4:35255 63.90.129.234:443 SYN_SENT
tcp 0 1 172.16.2.4:35512 63.90.130.234:443 SYN_SENT
tcp 0 1 172.16.2.4:35740 63.90.131.170:443 SYN_SENT
tcp 0 1 172.16.2.4:35655 63.90.131.85:443 SYN_SENT
tcp 0 1 172.16.2.4:35553 63.90.131.20:443 SYN_SENT
tcp 0 1 172.16.2.4:35298 63.90.130.22:443 SYN_SENT
tcp 0 1 172.16.2.4:35191 63.90.129.170:443 SYN_SENT
tcp 0 1 172.16.2.4:35448 63.90.130.170:443 SYN_SENT
tcp 0 1 172.16.2.4:35362 63.90.130.84:443 SYN_SENT
tcp 0 1 172.16.2.4:35256 63.90.129.235:443 SYN_SENT
tcp 0 1 172.16.2.4:35513 63.90.130.235:443 SYN_SENT
tcp 0 1 172.16.2.4:35741 63.90.131.171:443 SYN_SENT
tcp 0 1 172.16.2.4:35654 63.90.131.84:443 SYN_SENT
tcp 0 1 172.16.2.4:35646 64.175.181.131:80 SYN_SENT
tcp 0 1 172.16.2.4:35554 63.90.131.21:443 SYN_SENT
tcp 0 1 172.16.2.4:35300 63.90.130.23:443 SYN_SENT
tcp 0 1 172.16.2.4:35192 63.90.129.171:443 SYN_SENT
tcp 0 1 172.16.2.4:35449 63.90.130.171:443 SYN_SENT
tcp 0 0 172.16.2.4:32904 213.154.64.227:443 ESTABLISHED
tcp 0 0 172.16.2.4:32926 213.154.64.227:443 ESTABLISHED
tcp 0 0 172.16.2.4:34660 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35361 63.90.130.83:443 SYN_SENT
tcp 0 0 172.16.2.4:50974 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35257 63.90.129.236:443 SYN_SENT
tcp 0 1 172.16.2.4:35514 63.90.130.236:443 SYN_SENT
tcp 0 0 172.16.2.4:34603 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35742 63.90.131.172:443 SYN_SENT
tcp 0 1 172.16.2.4:35653 63.90.131.83:443 SYN_SENT
tcp 0 1 172.16.2.4:35551 63.90.131.18:443 SYN_SENT
tcp 0 1 172.16.2.4:35292 63.90.130.16:443 SYN_SENT
tcp 0 1 172.16.2.4:35193 63.90.129.172:443 SYN_SENT
tcp 0 1 172.16.2.4:35450 63.90.130.172:443 SYN_SENT
tcp 0 0 172.16.2.4:51176 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35360 63.90.130.82:443 SYN_SENT
tcp 0 0 172.16.2.4:34381 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35258 63.90.129.237:443 SYN_SENT
tcp 0 1 172.16.2.4:35515 63.90.130.237:443 SYN_SENT
tcp 0 0 172.16.2.4:34389 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35743 63.90.131.173:443 SYN_SENT
tcp 0 1 172.16.2.4:35652 63.90.131.82:443 SYN_SENT
tcp 0 1 172.16.2.4:35552 63.90.131.19:443 SYN_SENT
tcp 0 1 172.16.2.4:35293 63.90.130.17:443 SYN_SENT
tcp 0 1 172.16.2.4:35194 63.90.129.173:443 SYN_SENT
tcp 0 1 172.16.2.4:35451 63.90.130.173:443 SYN_SENT
tcp 0 0 172.16.2.4:50919 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35359 63.90.130.81:443 SYN_SENT
tcp 0 1 172.16.2.4:35259 63.90.129.238:443 SYN_SENT
tcp 0 1 172.16.2.4:35516 63.90.130.238:443 SYN_SENT
tcp 0 1 172.16.2.4:35650 64.175.182.58:80 SYN_SENT
tcp 0 1 172.16.2.4:35744 63.90.131.174:443 SYN_SENT
tcp 0 1 172.16.2.4:35651 63.90.131.81:443 SYN_SENT
tcp 0 1 172.16.2.4:35549 63.90.131.16:443 SYN_SENT
tcp 0 1 172.16.2.4:35294 63.90.130.18:443 SYN_SENT
tcp 0 1 172.16.2.4:35195 63.90.129.174:443 SYN_SENT
tcp 0 1 172.16.2.4:35452 63.90.130.174:443 SYN_SENT
tcp 0 0 172.16.2.4:34206 213.154.64.227:443 ESTABLISHED
tcp 0 0 172.16.2.4:34199 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35613 63.90.131.80:443 SYN_SENT
tcp 0 1 172.16.2.4:35358 63.90.130.80:443 SYN_SENT
tcp 0 1 172.16.2.4:35260 63.90.129.239:443 SYN_SENT
tcp 0 1 172.16.2.4:35517 63.90.130.239:443 SYN_SENT
tcp 0 1 172.16.2.4:35745 63.90.131.175:443 SYN_SENT
tcp 0 0 172.16.2.4:34022 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35295 63.90.130.19:443 SYN_SENT
tcp 0 1 172.16.2.4:35550 63.90.131.17:443 SYN_SENT
tcp 0 1 172.16.2.4:35196 63.90.129.175:443 SYN_SENT
tcp 0 1 172.16.2.4:35453 63.90.130.175:443 SYN_SENT
tcp 0 1 172.16.2.4:35261 63.90.129.240:443 SYN_SENT
tcp 0 1 172.16.2.4:35518 63.90.130.240:443 SYN_SENT
tcp 0 1 172.16.2.4:35612 63.90.131.79:443 SYN_SENT
tcp 0 1 172.16.2.4:35357 63.90.130.79:443 SYN_SENT
tcp 0 1 172.16.2.4:35746 63.90.131.176:443 SYN_SENT
tcp 0 1 172.16.2.4:35197 63.90.129.176:443 SYN_SENT
tcp 0 1 172.16.2.4:35454 63.90.130.176:443 SYN_SENT
tcp 0 1 172.16.2.4:35547 63.90.131.14:443 SYN_SENT
tcp 0 1 172.16.2.4:35288 63.90.130.12:443 SYN_SENT
tcp 0 1 172.16.2.4:35618 64.175.14.162:80 SYN_SENT
tcp 0 1 172.16.2.4:35262 63.90.129.241:443 SYN_SENT
tcp 0 1 172.16.2.4:35519 63.90.130.241:443 SYN_SENT
tcp 0 1 172.16.2.4:35611 63.90.131.78:443 SYN_SENT
tcp 0 1 172.16.2.4:35356 63.90.130.78:443 SYN_SENT
tcp 0 1 172.16.2.4:35649 64.175.182.37:80 SYN_SENT
tcp 0 0 172.16.2.4:33492 213.154.70.2:443 ESTABLISHED
tcp 0 1 172.16.2.4:35747 63.90.131.177:443 SYN_SENT
tcp 0 0 172.16.2.4:33526 213.154.70.2:443 ESTABLISHED
tcp 0 4760 172.16.2.4:22 213.154.126.70:1093 ESTABLISHED
tcp 0 1 172.16.2.4:35198 63.90.129.177:443 SYN_SENT
tcp 0 1 172.16.2.4:35455 63.90.130.177:443 SYN_SENT
tcp 0 1 172.16.2.4:35289 63.90.130.13:443 SYN_SENT
tcp 0 1 172.16.2.4:35548 63.90.131.15:443 SYN_SENT
tcp 0 1 172.16.2.4:35263 63.90.129.242:443 SYN_SENT
tcp 0 1 172.16.2.4:35610 63.90.131.77:443 SYN_SENT
tcp 0 1 172.16.2.4:35355 63.90.130.77:443 SYN_SENT
tcp 0 1 172.16.2.4:35520 63.90.130.242:443 SYN_SENT
tcp 0 1 172.16.2.4:35456 63.90.130.178:443 SYN_SENT
tcp 0 1 172.16.2.4:35748 63.90.131.178:443 SYN_SENT
tcp 0 1 172.16.2.4:35199 63.90.129.178:443 SYN_SENT
tcp 0 1 172.16.2.4:35545 63.90.131.12:443 SYN_SENT
tcp 0 1 172.16.2.4:35290 63.90.130.14:443 SYN_SENT
tcp 0 1 172.16.2.4:35637 64.175.173.194:80 SYN_SENT
tcp 0 1 172.16.2.4:35609 63.90.131.76:443 SYN_SENT
tcp 0 1 172.16.2.4:35354 63.90.130.76:443 SYN_SENT
tcp 0 1 172.16.2.4:35264 63.90.129.243:443 SYN_SENT
tcp 0 1 172.16.2.4:35200 63.90.129.179:443 SYN_SENT
tcp 0 1 172.16.2.4:35521 63.90.130.243:443 SYN_SENT
tcp 0 1 172.16.2.4:35457 63.90.130.179:443 SYN_SENT
tcp 0 0 172.16.2.4:38934 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35749 63.90.131.179:443 SYN_SENT
tcp 0 1 172.16.2.4:35645 64.175.179.157:80 SYN_SENT
tcp 0 1 172.16.2.4:35291 63.90.130.15:443 SYN_SENT
tcp 0 1 172.16.2.4:35546 63.90.131.13:443 SYN_SENT
tcp 0 1 172.16.2.4:35615 64.175.136.230:80 SYN_SENT
tcp 0 1 172.16.2.4:35608 63.90.131.75:443 SYN_SENT
tcp 0 1 172.16.2.4:35353 63.90.130.75:443 SYN_SENT
tcp 0 1 172.16.2.4:35265 63.90.129.244:443 SYN_SENT
tcp 0 1 172.16.2.4:35201 63.90.129.180:443 SYN_SENT
tcp 0 1 172.16.2.4:35522 63.90.130.244:443 SYN_SENT
tcp 0 1 172.16.2.4:35458 63.90.130.180:443 SYN_SENT
tcp 0 0 172.16.2.4:34814 213.154.70.2:443 ESTABLISHED
tcp 0 1 172.16.2.4:35750 63.90.131.180:443 SYN_SENT
tcp 0 0 172.16.2.4:34604 213.154.70.2:443 ESTABLISHED
tcp 0 0 172.16.2.4:34596 213.154.70.2:443 ESTABLISHED
tcp 0 1 172.16.2.4:35543 63.90.131.10:443 SYN_SENT
tcp 0 1 172.16.2.4:35284 63.90.130.8:443 SYN_SENT
tcp 0 1 172.16.2.4:35607 63.90.131.74:443 SYN_SENT
tcp 0 1 172.16.2.4:35352 63.90.130.74:443 SYN_SENT
tcp 0 1 172.16.2.4:35266 63.90.129.245:443 SYN_SENT
tcp 0 1 172.16.2.4:35202 63.90.129.181:443 SYN_SENT
tcp 0 1 172.16.2.4:35523 63.90.130.245:443 SYN_SENT
tcp 0 1 172.16.2.4:35459 63.90.130.181:443 SYN_SENT
tcp 0 1 172.16.2.4:35751 63.90.131.181:443 SYN_SENT
tcp 0 1 172.16.2.4:35621 64.175.146.186:80 SYN_SENT
tcp 0 1 172.16.2.4:35123 63.90.69.14:443 FIN_WAIT1
tcp 0 1 172.16.2.4:35285 63.90.130.9:443 SYN_SENT
tcp 0 0 172.16.2.4:34355 213.154.70.2:443 ESTABLISHED
tcp 0 1 172.16.2.4:35544 63.90.131.11:443 SYN_SENT
tcp 0 1 172.16.2.4:35638 64.175.173.197:80 SYN_SENT
tcp 0 0 172.16.2.4:34388 213.154.70.2:443 ESTABLISHED
tcp 0 408 172.16.2.4:22 213.154.126.70:1025 ESTABLISHED
tcp 0 0 172.16.2.4:34202 213.154.70.2:443 ESTABLISHED
tcp 0 1 172.16.2.4:35606 63.90.131.73:443 SYN_SENT
tcp 0 1 172.16.2.4:35351 63.90.130.73:443 SYN_SENT
tcp 0 1 172.16.2.4:40650 61.13.225.214:443 SYN_SENT
tcp 0 1 172.16.2.4:35267 63.90.129.246:443 SYN_SENT
tcp 0 1 172.16.2.4:35203 63.90.129.182:443 SYN_SENT
tcp 0 1 172.16.2.4:35524 63.90.130.246:443 SYN_SENT
tcp 0 1 172.16.2.4:35460 63.90.130.182:443 SYN_SENT
tcp 0 1 172.16.2.4:35541 63.90.131.8:443 SYN_SENT
tcp 0 1 172.16.2.4:35286 63.90.130.10:443 SYN_SENT
tcp 0 0 172.16.2.4:34097 213.154.70.2:443 ESTABLISHED
tcp 1 1 172.16.2.4:41034 61.13.151.74:80 CLOSING
tcp 0 1 172.16.2.4:35605 63.90.131.72:443 SYN_SENT
tcp 0 1 172.16.2.4:35350 63.90.130.72:443 SYN_SENT
tcp 0 1 172.16.2.4:35268 63.90.129.247:443 SYN_SENT
tcp 0 1 172.16.2.4:35204 63.90.129.183:443 SYN_SENT
tcp 0 1 172.16.2.4:35525 63.90.130.247:443 SYN_SENT
tcp 0 1 172.16.2.4:35461 63.90.130.183:443 SYN_SENT
tcp 0 0 172.16.2.4:34016 213.154.70.2:443 ESTABLISHED
tcp 0 1 172.16.2.4:35287 63.90.130.11:443 SYN_SENT
tcp 0 1 172.16.2.4:35542 63.90.131.9:443 SYN_SENT
tcp 0 1 172.16.2.4:35604 63.90.131.71:443 SYN_SENT
tcp 0 1 172.16.2.4:35349 63.90.130.71:443 SYN_SENT
tcp 0 1 172.16.2.4:35269 63.90.129.248:443 SYN_SENT
tcp 0 1 172.16.2.4:35205 63.90.129.184:443 SYN_SENT
tcp 0 1 172.16.2.4:35526 63.90.130.248:443 SYN_SENT
tcp 0 1 172.16.2.4:35462 63.90.130.184:443 SYN_SENT
tcp 0 574 172.16.2.4:23 172.16.3.7:1914 ESTABLISHED
tcp 0 1 172.16.2.4:35539 63.90.131.6:443 SYN_SENT
tcp 0 1 172.16.2.4:35280 63.90.130.4:443 SYN_SENT
tcp 0 1 172.16.2.4:48327 213.154.141.126:443 FIN_WAIT1
tcp 0 1 172.16.2.4:48334 213.154.141.126:443 FIN_WAIT1
tcp 0 1 172.16.2.4:35603 63.90.131.70:443 SYN_SENT
tcp 0 1 172.16.2.4:35348 63.90.130.70:443 SYN_SENT
tcp 0 1 172.16.2.4:35270 63.90.129.249:443 SYN_SENT
tcp 0 1 172.16.2.4:35206 63.90.129.185:443 SYN_SENT
tcp 0 1 172.16.2.4:35527 63.90.130.249:443 SYN_SENT
tcp 0 1 172.16.2.4:35463 63.90.130.185:443 SYN_SENT
tcp 0 19 172.16.2.4:23 172.16.3.7:1915 ESTABLISHED
tcp 0 0 172.16.2.4:53836 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:48568 213.154.141.126:443 FIN_WAIT1
tcp 0 1 172.16.2.4:35281 63.90.130.5:443 SYN_SENT
tcp 0 1 172.16.2.4:35540 63.90.131.7:443 SYN_SENT
tcp 0 1 172.16.2.4:35602 63.90.131.69:443 SYN_SENT
tcp 0 1 172.16.2.4:35347 63.90.130.69:443 SYN_SENT
tcp 0 1 172.16.2.4:35271 63.90.129.250:443 SYN_SENT
tcp 0 1 172.16.2.4:35207 63.90.129.186:443 SYN_SENT
tcp 0 1 172.16.2.4:35528 63.90.130.250:443 SYN_SENT
tcp 0 1 172.16.2.4:35464 63.90.130.186:443 SYN_SENT
tcp 0 1 172.16.2.4:48755 213.154.141.126:443 FIN_WAIT1
tcp 0 1 172.16.2.4:35319 213.154.70.2:443 SYN_SENT
tcp 0 0 172.16.2.4:53643 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35537 63.90.131.4:443 SYN_SENT
tcp 0 1 172.16.2.4:35282 63.90.130.6:443 SYN_SENT
tcp 0 1 172.16.2.4:48950 213.154.141.126:443 FIN_WAIT1
tcp 0 1 172.16.2.4:35601 63.90.131.68:443 SYN_SENT
tcp 0 1 172.16.2.4:35346 63.90.130.68:443 SYN_SENT
tcp 0 1 172.16.2.4:35272 63.90.129.251:443 SYN_SENT
tcp 0 1 172.16.2.4:35208 63.90.129.187:443 SYN_SENT
tcp 0 1 172.16.2.4:35529 63.90.130.251:443 SYN_SENT
tcp 0 1 172.16.2.4:35465 63.90.130.187:443 SYN_SENT
tcp 0 0 172.16.2.4:34822 213.154.70.2:443 ESTABLISHED
tcp 0 1 172.16.2.4:49029 213.154.141.126:443 FIN_WAIT1
tcp 0 1 172.16.2.4:55084 61.13.2.78:443 SYN_SENT
tcp 0 1 172.16.2.4:35283 63.90.130.7:443 SYN_SENT
tcp 0 1 172.16.2.4:35538 63.90.131.5:443 SYN_SENT
tcp 0 0 172.16.2.4:55083 213.154.64.227:443 ESTABLISHED
tcp 0 0 172.16.2.4:38746 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35600 63.90.131.67:443 SYN_SENT
tcp 0 1 172.16.2.4:35345 63.90.130.67:443 SYN_SENT
tcp 0 1 172.16.2.4:35273 63.90.129.252:443 SYN_SENT
tcp 0 1 172.16.2.4:35209 63.90.129.188:443 SYN_SENT
tcp 0 1 172.16.2.4:35530 63.90.130.252:443 SYN_SENT
tcp 0 1 172.16.2.4:35466 63.90.130.188:443 SYN_SENT
tcp 0 0 172.16.2.4:38905 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35535 63.90.131.2:443 SYN_SENT
tcp 0 1 172.16.2.4:35276 63.90.130.0:443 SYN_SENT
tcp 0 19 172.16.2.4:44071 61.13.56.220:80 FIN_WAIT1
tcp 0 0 172.16.2.4:55259 213.154.64.227:443 ESTABLISHED
tcp 0 0 172.16.2.4:38514 213.154.64.227:443 ESTABLISHED
tcp 0 0 172.16.2.4:38515 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35599 63.90.131.66:443 SYN_SENT
tcp 0 1 172.16.2.4:35344 63.90.130.66:443 SYN_SENT
tcp 0 0 172.16.2.4:54890 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35274 63.90.129.253:443 SYN_SENT
tcp 0 1 172.16.2.4:35210 63.90.129.189:443 SYN_SENT
tcp 0 1 172.16.2.4:35531 63.90.130.253:443 SYN_SENT
tcp 0 1 172.16.2.4:35467 63.90.130.189:443 SYN_SENT
tcp 0 0 172.16.2.4:54878 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35620 64.175.146.178:80 SYN_SENT
tcp 0 1 172.16.2.4:35277 63.90.130.1:443 SYN_SENT
tcp 0 1 172.16.2.4:35536 63.90.131.3:443 SYN_SENT
tcp 0 1 172.16.2.4:35598 63.90.131.65:443 SYN_SENT
tcp 0 1 172.16.2.4:35343 63.90.130.65:443 SYN_SENT
tcp 0 0 172.16.2.4:21 61.140.78.101:1807 ESTABLISHED
tcp 0 1 172.16.2.4:35275 63.90.129.254:443 SYN_SENT
tcp 0 1 172.16.2.4:35211 63.90.129.190:443 SYN_SENT
tcp 0 1 172.16.2.4:35532 63.90.130.254:443 SYN_SENT
tcp 0 1 172.16.2.4:35468 63.90.130.190:443 SYN_SENT
tcp 0 1 172.16.2.4:35629 64.175.149.73:80 SYN_SENT
tcp 0 0 172.16.2.4:54713 213.154.64.227:443 ESTABLISHED
tcp 0 1 172.16.2.4:35533 63.90.131.0:443 SYN_SENT
tcp 0 1 172.16.2.4:35278 63.90.130.2:443 SYN_SENT
tcp 0 1 172.16.2.4:35597 63.90.131.64:443 SYN_SENT
tcp 0 1 172.16.2.4:35342 63.90.130.64:443 SYN_SENT
tcp 0 1 172.16.2.4:35212 63.90.129.191:443 SYN_SENT
tcp 0 1 172.16.2.4:35469 63.90.130.191:443 SYN_SENT
tcp 0 1 172.16.2.4:35279 63.90.130.3:443 SYN_SENT
tcp 0 1 172.16.2.4:35534 63.90.131.1:443 SYN_SENT
tcp 0 1 172.16.2.4:48036 213.154.141.126:443 FIN_WAIT1
udp 0 0 0.0.0.0:32768 0.0.0.0:*
udp 0 0 172.16.2.4:32828 172.16.2.1:53 ESTABLISHED
udp 0 296 172.16.2.4:32829 172.16.2.5:53 ESTABLISHED
udp 0 0 0.0.0.0:3049 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 1462 /dev/gpmctl
unix 2 [ ACC ] STREAM LISTENING 1488 /tmp/cd_sockV4
unix 10 [ ] DGRAM 1070 /dev/log
unix 2 [ ACC ] STREAM LISTENING 1582 /tmp/.font-
我用ipchains
ipchains -A input -p tcp -s 213.154.126.70 -j DROP
把它堵住了,但who还是看到它在
ps也看到有它的进程。
它建立的目录
[root@ns marian]# dir -l -R
.:
total 112
-rw-rw-r-- 1 marian marian 104072 12月 9 21:59 nou.tgz
drwxr-xr-x 2 marian marian 4096 4月 3 12:54 selena
./selena:
total 324
-rw-rw-r-- 1 marian marian 0 4月 3 11:40 209.126.pscan.443
-rw-rw-r-- 1 marian marian 0 4月 3 11:03 209.88.pscan.443
-rw-rw-r-- 1 marian marian 0 4月 3 11:02 211.100.0.0.pscan.443
-rwxr-xr-x 1 marian marian 728 9月 22 2002 assl
-rwxr-xr-x 1 marian marian 206 10月 19 10:35 auto
-rwxr-xr-x 1 marian marian 390 10月 19 10:35 doit4me
-rw-r--r-- 1 marian marian 12557 10月 19 10:35 main.c
-rw-r--r-- 1 marian marian 2077 9月 13 2002 main.h
-rw-r--r-- 1 marian marian 482 9月 22 2002 Makefile
-rwxr-xr-x 1 marian marian 18696 4月 3 13:03 oops
-rwxr-xr-x 1 marian marian 27237 4月 3 10:58 pscan2
-rw-r--r-- 1 marian marian 5767 9月 21 2002 pscan2.c
-rw-rw-r-- 1 marian marian 28 4月 3 12:53 res.log
-rwxr-xr-x 1 marian marian 3460 10月 23 08:29 runer
na.com
-rwxr-xr-x 1 marian marian 46379 4月 3 13:03 ssl
-rwxr-xr-x 1 marian marian 23070 4月 3 13:03 sslex
-rwxr-xr-x 1 marian marian 46218 4月 3 13:03 sslx
-rwxr-xr-x 1 marian marian 29061 4月 3 11:01 ssvuln
-rwxr-xr-x 1 marian marian 46218 4月 3 12:53 ssx
-rw-r--r-- 1 marian marian 20727 10月 22 11:06 su
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
利用溢出得到你的权限,然后把一些常用的文件用他自己的程序来代替,如ls netstat ps一类的
看来你可以将数据备份一下,然后考虑进行重新安装了
:)
搞不懂,这些知识哪里学的呀,哪些资料上有这些东西?
ls 不能用时你可以试试echo *