[CentOS] Can't get rid of SYN_RECV
Philip Reynolds
philip.reynolds at gmail.comFri Aug 4 08:12:09 UTC 2006
- Previous message: [CentOS] Can't get rid of SYN_RECV
- Next message: [CentOS] Directory tree disk usage utility
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 8/4/06, Paul <unix at bikesn4x4s.com> wrote: > > So, seeing this is weird activity, I wanna see if I can put a stop to it. > > So I added to iptables: > > -A INPUT -s 209.200.128.0/255.255.192.0 -j DROP > > -A OUTPUT -o eth0 -p tcp -m tcp -d 209.200.128.0/255.255.192.0 -j DROP > > > > I restarted httpd and still get the same thing. WTF??? > > > OK, I figured it out. The IP address that was attacking is actually > 63.240.230.5. nslookup on the above gives me 209.200.169.10. I really > dislike reverse lookups in logs and such. &*^(*%$%*&^_ netstat with the '-n' flag is the norm for looking at such things. Never trust the reverse lookups as you see. Phil.
- Previous message: [CentOS] Can't get rid of SYN_RECV
- Next message: [CentOS] Directory tree disk usage utility
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list