Tema: Re: Problema
Autorius: Bilibobas
Data: 2010-10-15 11:31:59
uzklausos gali eiti, firewallo darbas filtruoti jas. Bet uzklausos neturi uzlenkti sistemos. Pas mane sshd veikia, uzklausu VISADA buna bet jos gyventi netrugdo. Tas pats is su ftpd- pabando prisiloginti ir poto nustoja. Serveris del to nesijaudina.
Vienintelis blogas variantas kai tu uzklausu buna tikrai daug, kai tave floodina ir atakuoja (DOSina). Cia tada gelbejo ir kokios nors kitokios priemones ir vamzdio storis.

Tu geriau tikrink, ar i tavo httpd failus neipurske kokio pasalinio kodo. O jei www ten valdomas keliu zmoniu, tai ar kuris nors vartotojas neisitaise kokiu nors virusu.

Bye, Levas

"Idomu" <idomus@omnitel.lt> wrote in message news:i99381$5pd$1@trimpas.omnitel.net...
> tai rodo begale bandymu jungtis prie ssh, bet kad as pakeiciau ssh porta ir 
> visai servisa sustabdziau, bet va vistiek tos uzklausos eina... nezinau, kur 
> ieskoti, galite pasiulyti dar ka? p.s. /tmp tai nieko neradau....
> 
> "Bilibobas" <kakbubu@tralia.lt> wrote in message 
> news:i992ib$4k4$1@trimpas.omnitel.net...
>> nu tai log failas apie problemas. Paziurek kas viduje. O poto galima ir 
>> istrinti.
>>
>> Ieskok blogesniu reikalu.
>>
>> "Idomu" <idomus@omnitel.lt> wrote in message 
>> news:i991q3$35k$1@trimpas.omnitel.net...
>>> va ka radau /log/var secure 209MB dydzio!!!!! ka daryti?
>>>
>>> "arulis" <aruliss@gmail.com> wrote in message
>>> news:i991gv$2k9$1@trimpas.omnitel.net...
>>>> tikrink visus /tmp - jau ka idomaus rasi :)
>>>>
>>>>
>>>> Idomu wrote:
>>>>
>>>>> tcp        0      1 www.xxx.xxx:41602         www.irrp.org.ua:ircd
>>>>> SYN_SENT    21698/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:40964         www.irrp.org.ua:ircd
>>>>> SYN_SENT    13812/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:41045         www.irrp.org.ua:ircd
>>>>> ESTABLISHED 30397/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:42836         www.irrp.org.ua:ircd
>>>>> SYN_SENT    20227/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:43002         www.irrp.org.ua:ircd
>>>>> SYN_SENT    19599/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:43417         www.irrp.org.ua:ircd
>>>>> SYN_SENT    4043/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3660
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:45617         www.irrp.org.ua:ircd
>>>>> SYN_SENT    20028/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:47005         www.irrp.org.ua:ircd
>>>>> SYN_SENT    9362/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:46140         www.irrp.org.ua:ircd
>>>>> SYN_SENT    28397/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:47833         www.irrp.org.ua:ircd
>>>>> SYN_SENT    21565/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:47819         www.irrp.org.ua:ircd
>>>>> SYN_SENT    23774/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3674
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:47270         www.irrp.org.ua:ircd
>>>>> SYN_SENT    13625/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:47324         www.irrp.org.ua:ircd
>>>>> SYN_SENT    29728/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3676
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3678
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3680
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:33525         www.irrp.org.ua:ircd
>>>>> SYN_SENT    22203/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:32940         www.irrp.org.ua:ircd
>>>>> SYN_SENT    5330/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:32978         www.irrp.org.ua:ircd
>>>>> SYN_SENT    18157/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:33198         www.irrp.org.ua:ircd
>>>>> SYN_SENT    13399/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:35508         www.irrp.org.ua:ircd
>>>>> SYN_SENT    3577/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:35587         www.irrp.org.ua:ircd
>>>>> SYN_SENT    30051/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:35605         www.irrp.org.ua:ircd
>>>>> SYN_SENT    22380/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:35785         www.irrp.org.ua:ircd
>>>>> SYN_SENT    31830/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:34859         www.irrp.org.ua:ircd
>>>>> SYN_SENT    32212/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:35024         www.irrp.org.ua:ircd
>>>>> ESTABLISHED 32526/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:36842         www.irrp.org.ua:ircd
>>>>> SYN_SENT    22484/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:35962         www.irrp.org.ua:ircd
>>>>> SYN_SENT    23776/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:36027         www.irrp.org.ua:ircd
>>>>> SYN_SENT    32349/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:36177         www.irrp.org.ua:ircd
>>>>> SYN_SENT    3373/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:37539         www.irrp.org.ua:ircd
>>>>> ESTABLISHED 31821/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:37784         www.irrp.org.ua:ircd
>>>>> SYN_SENT    11581/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:37247         www.irrp.org.ua:ircd
>>>>> SYN_SENT    25830/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:38662         www.irrp.org.ua:ircd
>>>>> SYN_SENT    16184/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:38802         www.irrp.org.ua:ircd
>>>>> SYN_SENT    9790/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:38353         www.irrp.org.ua:ircd
>>>>> SYN_SENT    26291/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:39881         www.irrp.org.ua:ircd
>>>>> SYN_SENT    6136/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:39419         www.irrp.org.ua:ircd
>>>>> SYN_SENT    5884/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:40473         www.irrp.org.ua:ircd
>>>>> SYN_SENT    29850/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:40569         www.irrp.org.ua:ircd
>>>>> SYN_SENT    23989/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:40567         www.irrp.org.ua:ircd
>>>>> SYN_SENT    3972/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:40202         www.irrp.org.ua:ircd
>>>>> SYN_SENT    15837/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:59192         www.irrp.org.ua:ircd
>>>>> SYN_SENT    7838/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:59389         www.irrp.org.ua:ircd
>>>>> SYN_SENT    1913/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:59829         www.irrp.org.ua:ircd
>>>>> SYN_SENT    13610/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:60745         www.irrp.org.ua:ircd
>>>>> SYN_SENT    20008/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3607
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3611
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:49760         www.irrp.org.ua:ircd
>>>>> SYN_SENT    32493/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:49675         www.irrp.org.ua:ircd
>>>>> SYN_SENT    1801/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:49828         www.irrp.org.ua:ircd
>>>>> SYN_SENT    11630/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:49362         www.irrp.org.ua:ircd
>>>>> SYN_SENT    18315/sshd:
>>>>>
>>>>> tcp        0      0 www.xxx.xxx:http 
>>>>> 189.115.38.86.ip.erdve:3618
>>>>> TIME_WAIT   -
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:49409         www.irrp.org.ua:ircd
>>>>> SYN_SENT    26615/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:49421         www.irrp.org.ua:ircd
>>>>> SYN_SENT    31988/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:50995         www.irrp.org.ua:ircd
>>>>> SYN_SENT    26518/sshd:
>>>>>
>>>>> tcp        0      1 www.xxx.xxx:51000         www.irrp.org.ua:ircd
>>>>> SYN_SENT    24558/sshd:
>>>>>
>>>>>
>>>>>
>>>>> va matau koki bruda, tai bando jungtis is www.irrp.org.ua:ircd sshu i
>>>>> mano
>>>>> www.xxx.xxx skirtingu portu.... Kaip praspresti sita reikala... sakysit
>>>>> firewall apsirastyti, centos nerases, tik turiu debiabn firewall
>>>>> prabandyta, kaip ispresti sita reikala?
>>>>>
>>>>>
>>>>> "bertas" <bertas@freemail.lt> wrote in message
>>>>> news:i98vm1$v26$1@trimpas.omnitel.net...
>>>>>> Man panaiai bna, bet irgi nerandu prieasties.
>>>>>> Tik pas mane, kiek suprantu apache visk suvalgo.
>>>>>> Tiesa iek tiek situacija pasitais, kai ijungiau clamav.
>>>>>> Bet iaip randomu kart  par, ar  savait randu serv
>>>>>> (virtual) pakibus - visas RAM sunaudotas, procesorius dirba 100%.
>>>>>> Nerandu problemos sprendimo. Tame servery pagrinde veikia apache, kiti
>>>>>> servisai kituose virtualiuose servuose. Jei kas susidr su tuo bt
>>>>>> gerai, kad duotumt mini. Blogiausia, kad negaliu prognozuoti kada
>>>>>> tai atsitiks...
>>>>>> 2010.10.15 09:44, arulis ra:
>>>>>>> netstat -atp
>>>>>>
>>>>
>>>
>>> 
> 
>
+bsd: dovanelemix2010-11-22 21:05
+file securitymykolas2010-11-22 19:20
+Xen triukasbertas2010-11-21 20:05
+LINUX ir Bites VMC. Padekit laimetinews-omni2010-11-19 20:56
+VirtualizacijaLiu2010-11-19 01:01
+HDD ERR UNCVilius Jakas2010-11-18 19:10
+Bacula ir TS2900lingus2010-11-17 12:58
+Q: .htaccessbambukas2010-11-17 12:56
+openvzatlaikes antanas2010-11-11 23:04
dell vostro 1500 ir vidinis IRDAhangover2010-11-09 23:34
+Interneto srauto stebejimasccc2010-11-09 10:27
+mceditGiedrius2010-11-05 17:48
+Failų apsauga nuo kopijavimoFlycat2010-11-05 10:23
+hosting control panelmix2010-11-04 09:23
+ext4 suformatuotos particijos atstatymasvytjon2010-11-02 13:31
+Web serveris ir rašymo teisės į diskąbullka2010-11-02 10:36
+debian raid installerisandrws2010-10-27 18:12
+Priėjimo kontrolėHyperlink2010-10-26 12:38
+Nelabai unix, bet : ar yra normalus ext3 supportas po windowsais?meska2010-10-22 09:00
Iceweasel + lietuvybėSigun2010-10-20 14:43
+Ubuntu 10.10 Netbook editionVasaris2010-10-15 21:29
-Problemapaprastas2010-10-14 21:46
Re: ProblemaDidzkis2010-10-18 14:26
Re: ProblemaIdomu2010-10-21 12:35
Re: Problemapaprastas2010-10-14 22:05
Re: ProblemaDidzkis2010-10-15 09:28
Re: Problemaarulis2010-10-15 09:43
Re: Problemabertas2010-10-15 10:25
Re: ProblemaDunduk@s2010-10-15 10:42
Re: ProblemaIdomu2010-10-15 10:49
Re: ProblemaDunduk@s2010-10-15 10:59
Re: ProblemaIdomu2010-10-15 11:12
Re: ProblemaIdomu2010-10-15 10:37
Re: ProblemaNicMC2010-10-17 23:19
Re: ProblemaDidzkis2010-10-15 14:36
Re: Problemaejs2010-10-15 13:02
Re: ProblemaIdomu2010-10-15 13:07
Re: ProblemaTadas2010-10-15 18:06
Re: Problemaejs2010-10-15 13:24
Re: Problemanews-omni2010-10-15 12:11
Re: Problemaarulis2010-10-15 14:12
Re: Problemaejs2010-10-15 12:45
Re: ProblemaIdomu2010-10-15 12:53
Re: ProblemaDidzkis2010-10-15 14:44
Re: Problemaarulis2010-10-15 10:57
Re: Problemaarulis2010-10-15 11:49
Re: ProblemaIdomu2010-10-15 11:58
Re: Problemaarulis2010-10-15 12:03
Re: ProblemaIdomu2010-10-15 13:00
Re: Problemaarulis2010-10-15 14:00
Re: Problemaarulis2010-10-15 14:20
Re: Problemaejs2010-10-15 14:25
Re: Problemaarulis2010-10-15 14:35
Re: Problemaejs2010-10-15 14:45
Re: Problemaarulis2010-10-15 14:55
Re: Problemaejs2010-10-15 13:03
Re: ProblemaIdomu2010-10-15 11:02
Re: ProblemaBilibobas2010-10-15 11:15
Re: ProblemaIdomu2010-10-15 11:26
Re: ProblemaBilibobas2010-10-15 11:31
Re: ProblemaIdomu2010-10-15 11:44
Re: ProblemaLevas2010-10-15 17:17
Re: ProblemaBilibobas2010-10-15 11:39
Re: Problemahangover2010-10-15 12:45
Re: ProblemaLevas2010-10-15 17:16
Re: ProblemaBilibobas2010-10-15 10:40
Re: ProblemaIdomu2010-10-15 10:45
Re: Problemanews-omni2010-10-15 11:54
+Ubuntu 64 bitai ir vaizdasno2010-10-11 14:32
Dilma Roussefnão acredita em DEUS 74697Dilma Roussef2010-10-09 05:31
+Q: LINUX -> senam pc P3/256/8mgvideoJohn Smith2010-10-04 13:24
+gedit shortcut'asMaug Lee2010-10-02 14:30
+Q: freebsd timebambukas2010-09-30 12:01
+xbmc live cd problemadonisg2010-09-28 23:50
Rosetta Stone Language CDklwn2010-09-28 08:33
+tinklinio disko mountmonaxas2010-09-20 20:27
+blogai, portalai apie linux administravimamykolas2010-09-18 16:14
+xfce4 ir LTbambukas2010-09-15 08:14
+Kaip nustatyt kas istrina failus serveryje?klausiu2010-09-13 10:59
+Mac OSX DVD kopijavimas i hdd per windowsm.k.2010-09-13 10:14
+smtp serveris namuosemykolas2010-09-12 12:03
+Linux perkelimas i esxiValierka2010-09-10 14:08
+Klausimas naujokoAlgirdas2010-09-08 13:48
+OT Linux distribucija....Mr.T2010-09-03 18:18
+Ubuntu 10.04 ekranasVitas2010-09-02 11:38
+Mokyklos intranetuiS.2010-09-01 17:50
+xfce rezoliucijabambukas2010-09-01 16:08
+Freebsd +assp, subject perasymo problemaRamunas A.2010-09-01 12:45
+FIREWALLIdomu2010-08-30 14:53
autocad electrical 2010 autodesk full download crack torrent j.couDo_ieecm2001 winols cpwin rapidshare torrent<ecm2001.winols@free-downloads.com>2010-08-25 23:45