一直在查看我的iptables日志,有数百个不同的IP试图访问端口45702,谷歌似乎不太了解.
@H_502_20@它们总是以每个ip的块数到达
Jun 3 00:59:49 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:59:42 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:59:39 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:59:38 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:54:35 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:54:33 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:54:31 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:52:39 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:52:33 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:52:30 76.108.181.238 32253 in 130.88.149.86 45702 UDP Jun 3 00:52:29 76.108.181.238 32253 in 130.88.149.86 45702 UDP
除了确保关闭之外,有谁知道这是什么/有什么建议吗?
如果它是一个无用的端口,为什么所有这些IP都在访问它?
编辑:
现在它突然变成了另一个端口,还有很多不同的ip
Jun 3 02:02:19 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:11 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:07 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:05 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:04 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:02 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:03 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:01 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 02:02:00 157.157.153.131 62411 in 130.88.149.86 47515 TCP Jun 3 01:52:52 194.144.100.212 50879 in 130.88.149.86 47515 TCP Jun 3 01:52:44 194.144.100.212 50879 in 130.88.149.86 47515 TCP Jun 3 01:52:38 194.144.100.212 50879 in 130.88.149.86 47515 TCP Jun 3 01:52:40 194.144.100.212 50879 in 130.88.149.86 47515 TCP Jun 3 02:27:06 157.157.153.131 53228 in 130.88.149.86 47515 TCP Jun 3 02:27:05 157.157.153.131 53228 in 130.88.149.86 47515 TCP Jun 3 02:27:04 157.157.153.131 53228 in 130.88.149.86 47515 TCP Jun 3 02:27:03 157.157.153.131 53228 in 130.88.149.86 47515 TCP Jun 3 02:17:05 194.144.100.212 60288 in 130.88.149.86 47515 TCP Jun 3 02:16:57 194.144.100.212 60288 in 130.88.149.86 47515 TCP Jun 3 02:16:53 194.144.100.212 60288 in 130.88.149.86 47515 TCP Jun 3 02:16:51 194.144.100.212 60288 in 130.88.149.86 47515 TCP
我很困惑,但我猜它被捕了所以没关系,
我不明白的原因是为什么有很多不同的ip尝试相同的东西,我猜有人使用代理每隔几分钟就改变IP,并且真的喜欢45000以上的端口(因为很多关键服务都在那里运行?!? ).