日期:2014-05-16  浏览次数:20746 次

系统被SYN_RECV攻击,不求解决方法,只求找到原因
今天晚上,第三方监控网站发来邮件提醒,说服务器无法连接,立即ssh上去,卡得要死。

netstat一看,基本上很多如下:
tcp        0      0 1.2.3.4:80         61.130.51.186:63121     SYN_RECV    -               
tcp        0      0 1.2.3.4:80         218.25.197.162:27626    SYN_RECV    -               
tcp        0      0 1.2.3.4:80         222.78.251.82:2186      SYN_RECV    -               
tcp        0      0 1.2.3.4:80         60.190.0.30:2174        SYN_RECV    -               
tcp        0      0 1.2.3.4:80         118.254.9.13:1629       SYN_RECV    -               
tcp        0      0 1.2.3.4:80         218.90.220.174:2289     SYN_RECV    -               
tcp        0      0 1.2.3.4:80         121.13.225.58:1089      SYN_RECV    -               
tcp        0      0 1.2.3.4:80         59.56.178.213:4218      SYN_RECV    -               
tcp        0      0 1.2.3.4:80         112.112.4.66:2116       SYN_RECV    -