Jump to content
Калькуляторы

ddos аттака, непонятно

Возник небольшой вопрос, уже второй раз замечаем ddos в нашу сторону:

14:39:07.412295 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 48.136.4.190.14 > 178.2.15.60.80: Flags [s], seq 520508754, win 16484, length 0
14:39:07.412296 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 144.21.118.55.10 > 178.2.15.60.80: Flags [s], seq 2568969609, win 64240, length 0
14:39:07.412297 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 144.21.118.55.10 > 178.2.15.60.80: Flags [s], seq 2568969610, win 16484, length 0
14:39:07.412299 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 48.136.4.190.14 > 178.2.15.60.80: Flags [s], seq 520508755, win 64240, length 0
14:39:07.412301 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 67.51.27.2.1 > 178.2.15.60.80: Flags [s], seq 2705859438, win 64240, length 0
14:39:07.412302 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 67.51.27.2.1 > 178.2.15.60.80: Flags [s], seq 2705859439, win 16384, length 0
14:39:07.412302 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 191.83.38.176.3 > 178.2.15.60.80: Flags [s], seq 2998818729, win 16384, length 0
14:39:07.412303 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 184.110.205.196.10 > 178.2.15.60.80: Flags [s], seq 3585633964, win 16384, length 0
14:39:07.412304 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 184.110.205.196.10 > 178.2.15.60.80: Flags [s], seq 3585633965, win 16484, length 0
14:39:07.412305 00:0a:f3:31:98:40 > 64:87:88:59:eb:1b, ethertype 802.1Q (0x8100), length 64: vlan 121, p 0, ethertype IPv4, 191.83.38.176.3 > 178.2.15.60.80: Flags [s], seq 2998818730, win 16384, length 0

Вот думаем, как бы в ядре с этим поборотся, приходит на конечный сервер, пока фаером зафильтровали src port range 1-1024, но как-то не приятно

Share this post


Link to post
Share on other sites

Адрес 178.2.15.60 ? Уж очень похоже на DSL в Германии.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this