Mi lehet ez?
írta: sketchifun, 6 éve
Az imént vettem észre, hogy nincsen minden rendben a hálózati kapcsolatommal.
Egy gyors Counter Strike indítás, azon belül is egy net_graph elég egyértelműen azt mutatja, hogy valami gond van.
A kis grafikon szinte fűrészjelet rajzol. Szerintem DDoS támadás van folyamatban, én arra tippelnék.
Valaki, aki kompetensebb a témában, felvilágosítana?
netstat -an eredménye:
Active Connections
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:623 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING
TCP 0.0.0.0:16992 0.0.0.0:0 LISTENING
TCP 0.0.0.0:17500 0.0.0.0:0 LISTENING
TCP 0.0.0.0:27036 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49666 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING
TCP 0.0.0.0:49685 0.0.0.0:0 LISTENING
TCP 0.0.0.0:63262 0.0.0.0:0 LISTENING
TCP 127.0.0.1:843 0.0.0.0:0 LISTENING
TCP 127.0.0.1:10000 0.0.0.0:0 LISTENING
TCP 127.0.0.1:16709 0.0.0.0:0 LISTENING
TCP 127.0.0.1:17600 0.0.0.0:0 LISTENING
TCP 127.0.0.1:25639 0.0.0.0:0 LISTENING
TCP 127.0.0.1:27060 0.0.0.0:0 LISTENING
TCP 127.0.0.1:49719 0.0.0.0:0 LISTENING
TCP 127.0.0.1:49880 127.0.0.1:49881 ESTABLISHED
TCP 127.0.0.1:49881 127.0.0.1:49880 ESTABLISHED
TCP 127.0.0.1:49890 127.0.0.1:49891 ESTABLISHED
TCP 127.0.0.1:49891 127.0.0.1:49890 ESTABLISHED
TCP 127.0.0.1:49896 127.0.0.1:49897 ESTABLISHED
TCP 127.0.0.1:49897 127.0.0.1:49896 ESTABLISHED
TCP 127.0.0.1:50297 127.0.0.1:50298 ESTABLISHED
TCP 127.0.0.1:50298 127.0.0.1:50297 ESTABLISHED
TCP 127.0.0.1:50299 127.0.0.1:50300 ESTABLISHED
TCP 127.0.0.1:50300 127.0.0.1:50299 ESTABLISHED
TCP 127.0.0.1:50301 127.0.0.1:50302 ESTABLISHED
TCP 127.0.0.1:50302 127.0.0.1:50301 ESTABLISHED
TCP 127.0.0.1:50303 127.0.0.1:50304 ESTABLISHED
TCP 127.0.0.1:50304 127.0.0.1:50303 ESTABLISHED
TCP 127.0.0.1:50305 127.0.0.1:50306 ESTABLISHED
TCP 127.0.0.1:50306 127.0.0.1:50305 ESTABLISHED
TCP 127.0.0.1:50317 127.0.0.1:50318 ESTABLISHED
TCP 127.0.0.1:50318 127.0.0.1:50317 ESTABLISHED
TCP 192.168.43.75:139 0.0.0.0:0 LISTENING
TCP 192.168.43.75:5040 0.0.0.0:0 LISTENING
TCP 192.168.43.75:51929 208.78.164.14:27020 ESTABLISHED
TCP 192.168.43.75:51956 40.77.229.42:443 ESTABLISHED
TCP 192.168.43.75:51958 52.0.253.130:443 ESTABLISHED
TCP 192.168.43.75:51965 40.77.229.55:443 ESTABLISHED
TCP 192.168.43.75:51980 162.125.18.133:443 ESTABLISHED
TCP 192.168.43.75:52005 35.156.191.118:443 ESTABLISHED
TCP 192.168.43.75:52006 35.156.191.119:80 ESTABLISHED
TCP 192.168.43.75:52058 162.125.33.7:443 CLOSE_WAIT
TCP 192.168.43.75:52059 162.125.18.133:443 ESTABLISHED
TCP 192.168.43.75:52083 54.175.64.133:443 CLOSE_WAIT
TCP 192.168.43.75:52106 40.77.226.248:443 TIME_WAIT
TCP 192.168.43.75:52107 40.77.226.249:443 ESTABLISHED
TCP 192.168.43.75:52115 195.70.62.9:443 ESTABLISHED
TCP 192.168.43.75:52116 52.232.16.77:443 ESTABLISHED
TCP 192.168.43.75:52120 92.61.114.179:80 CLOSE_WAIT
TCP 192.168.43.75:52121 92.61.114.179:80 ESTABLISHED
TCP 192.168.43.75:52122 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52123 92.61.114.179:443 ESTABLISHED
TCP 192.168.43.75:52124 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52125 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52126 92.61.114.179:443 ESTABLISHED
TCP 192.168.43.75:52127 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52128 40.77.226.250:443 ESTABLISHED
TCP [::]:135 [::]:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
TCP [::]:623 [::]:0 LISTENING
TCP [::]:5357 [::]:0 LISTENING
TCP [::]:16992 [::]:0 LISTENING
TCP [::]:17500 [::]:0 LISTENING
TCP [::]:49664 [::]:0 LISTENING
TCP [::]:49665 [::]:0 LISTENING
TCP [::]:49666 [::]:0 LISTENING
TCP [::]:49667 [::]:0 LISTENING
TCP [::]:49668 [::]:0 LISTENING
TCP [::]:49685 [::]:0 LISTENING
TCP [::]:63262 [::]:0 LISTENING
TCP [::1]:49708 [::1]:49710 ESTABLISHED
TCP [::1]:49710 [::1]:49708 ESTABLISHED
TCP [2a00:1110:105:c202:ec26:3a65:f472:44ba]:51986 [2a03:2880:f007:1:face:b00c:0:1]:443 ESTABLISHED
TCP [2a00:1110:105:c202:ec26:3a65:f472:44ba]:52090 [2a03:2880:f107:83:face:b00c:0:25de]:443 ESTABLISHED
TCP [2a00:1110:105:c202:ec26:3a65:f472:44ba]:52119 [2a03:2880:f007:8:face:b00c:0:1]:443 ESTABLISHED
UDP 0.0.0.0:1900 *:*
UDP 0.0.0.0:3544 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:5050 *:*
UDP 0.0.0.0:5353 *:*
UDP 0.0.0.0:5353 *:*
UDP 0.0.0.0:5353 *:*
UDP 0.0.0.0:5353 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:17500 *:*
UDP 0.0.0.0:27036 *:*
UDP 0.0.0.0:49549 *:*
UDP 0.0.0.0:49572 *:*
UDP 0.0.0.0:52161 *:*
UDP 0.0.0.0:55526 *:*
UDP 0.0.0.0:55830 *:*
UDP 0.0.0.0:55937 *:*
UDP 0.0.0.0:56758 *:*
UDP 0.0.0.0:56759 *:*
UDP 0.0.0.0:59791 *:*
UDP 0.0.0.0:63262 *:*
UDP 0.0.0.0:64867 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:44301 *:*
UDP 127.0.0.1:49373 *:*
UDP 127.0.0.1:49664 *:*
UDP 127.0.0.1:60536 *:*
UDP 169.254.176.110:49374 *:*
UDP 192.168.43.75:137 *:*
UDP 192.168.43.75:138 *:*
UDP 192.168.43.75:1900 *:*
UDP 192.168.43.75:49372 *:*
UDP 192.168.43.75:60535 *:*
UDP 192.168.43.75:62367 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:5353 *:*
UDP [::]:5353 *:*
UDP [::]:5353 *:*
UDP [::]:5355 *:*
UDP [::]:49573 *:*
UDP [::]:55527 *:*
UDP [::]:55830 *:*
UDP [::]:55937 *:*
UDP [::]:56759 *:*
UDP [::]:59792 *:*
UDP [::]:63262 *:*
UDP [::]:64867 *:*
UDP [::1]:1900 *:*
UDP [::1]:60534 *:*
UDP [fe80::41d8:b:7228:5832%7]:1900 *:*
UDP [fe80::41d8:b:7228:5832%7]:60533 *:*
TCP 192.168.43.75:51929 208.78.164.14:27020 ESTABLISHED
TCP 192.168.43.75:51956 40.77.229.42:443 ESTABLISHED
TCP 192.168.43.75:51958 52.0.253.130:443 ESTABLISHED
TCP 192.168.43.75:51965 40.77.229.55:443 ESTABLISHED
TCP 192.168.43.75:51980 162.125.18.133:443 ESTABLISHED
TCP 192.168.43.75:52005 35.156.191.118:443 ESTABLISHED
TCP 192.168.43.75:52006 35.156.191.119:80 ESTABLISHED
TCP 192.168.43.75:52058 162.125.33.7:443 CLOSE_WAIT
TCP 192.168.43.75:52059 162.125.18.133:443 ESTABLISHED
TCP 192.168.43.75:52083 54.175.64.133:443 CLOSE_WAIT
TCP 192.168.43.75:52106 40.77.226.248:443 TIME_WAIT
TCP 192.168.43.75:52107 40.77.226.249:443 ESTABLISHED
TCP 192.168.43.75:52115 195.70.62.9:443 ESTABLISHED
TCP 192.168.43.75:52116 52.232.16.77:443 ESTABLISHED
TCP 192.168.43.75:52120 92.61.114.179:80 CLOSE_WAIT
TCP 192.168.43.75:52121 92.61.114.179:80 ESTABLISHED
TCP 192.168.43.75:52122 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52123 92.61.114.179:443 ESTABLISHED
TCP 192.168.43.75:52124 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52125 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52126 92.61.114.179:443 ESTABLISHED
TCP 192.168.43.75:52127 92.61.114.179:443 CLOSE_WAIT
TCP 192.168.43.75:52128 40.77.226.250:443 ESTABLISHED
A vastaggal kiemelt rész érdekelne. Mi zajlik ezeken a portokon?
