有个 ip 192.121.86.94:80 一直在穷举扫描我的服务器,我该怎么办?

2014-04-12 21:13:17 +08:00
 leyle
RT,扫描了几个小时了,

类似下面的记录,我该怎么办啊?

root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 0 1 myserverip:46488 192.121.86.94:80 SYN_SENT
tcp 0 1 myserverip:46485 192.121.86.94:80 LAST_ACK
tcp 0 1 myserverip:46487 192.121.86.94:80 SYN_SENT
tcp 0 0 myserverip:46486 192.121.86.94:80 ESTABLISHED
root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 1 1 myserverip:46487 192.121.86.94:80 LAST_ACK
tcp 0 170 myserverip:46492 192.121.86.94:80 ESTABLISHED
tcp 0 0 myserverip:46491 192.121.86.94:80 ESTABLISHED
root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 0 0 myserverip:46502 192.121.86.94:80 ESTABLISHED
tcp 0 0 myserverip:46499 192.121.86.94:80 ESTABLISHED
tcp 0 170 myserverip:46503 192.121.86.94:80 ESTABLISHED
root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 0 0 myserverip:46508 192.121.86.94:80 ESTABLISHED
tcp 0 0 myserverip:46507 192.121.86.94:80 ESTABLISHED
tcp 0 170 myserverip:46509 192.121.86.94:80 ESTABLISHED
root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 0 1 myserverip:46515 192.121.86.94:80 SYN_SENT
tcp 0 1 myserverip:46514 192.121.86.94:80 LAST_ACK
tcp 0 1 myserverip:46516 192.121.86.94:80 SYN_SENT
tcp 0 0 myserverip:46513 192.121.86.94:80 ESTABLISHED
root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 0 0 myserverip:46519 192.121.86.94:80 ESTABLISHED
tcp 0 0 myserverip:46520 192.121.86.94:80 ESTABLISHED
tcp 0 170 myserverip:46521 192.121.86.94:80 ESTABLISHED
root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 0 1 myserverip:46533 192.121.86.94:80 SYN_SENT
tcp 0 1 myserverip:46532 192.121.86.94:80 SYN_SENT
tcp 0 1 myserverip:46530 192.121.86.94:80 LAST_ACK
tcp 0 1 myserverip:46531 192.121.86.94:80 LAST_ACK
tcp 0 0 myserverip:46529 192.121.86.94:80 ESTABLISHED
root@xxx:~# netstat -an --ip | grep "192.121.86.94"
tcp 0 1 myserverip:46756 192.121.86.94:80 LAST_ACK
tcp 0 1 myserverip:46759 192.121.86.94:80 SYN_SENT
tcp 0 0 myserverip:46758 192.121.86.94:80 ESTABLISHED
tcp 0 0 myserverip:46757 192.121.86.94:80 ESTABLISHED
2986 次点击
所在节点    问与答
7 条回复
niseter
2014-04-12 21:16:44 +08:00
iptables 封了就是啊
lanbing
2014-04-12 21:20:51 +08:00
直接封C段
Ever
2014-04-12 21:28:21 +08:00
主被动关系反了, 是你在请求那个IP的http.
leyle
2014-04-12 21:55:21 +08:00
@Ever 是啊,我以为是“那个ip在不停的连接我不同的端口”,把我吓坏了,后面才发现,是我自己发起的请求,搞了个大乌龙,实质是我对这些一点都不懂,让你们笑话了啊。
谢谢你们的回答。
Suanlatang
2014-04-12 22:07:45 +08:00
ban了 就好了
zxy
2014-04-13 00:00:28 +08:00
楼上让ban的,网络认真学了么
Suanlatang
2014-04-13 00:04:01 +08:00
@zxy 抱歉。。只看标题 没看内容。。。

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/108305

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX