Quantcast
Channel: LowEndTalk
Viewing all articles
Browse latest Browse all 60501

How to find real IP/domU with ip_conntrack?

November 23, 2013, 12:04 am
$
0
0

Hello

I'v a Xen VPS node server with high ip_conntrack, I need find out which client cause this. below is the ip_conntrack 1% result. It easy to find there is a client use his vps attack 49.124.141.5, but how to find the real ip/domU behind? Thanks for any advice!

cat /proc/net/ip_conntrack;

tcp 6 431428 ESTABLISHED src=221.105.137.74 dst=49.124.141.5 sport=13415 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=221.105.137.74 sport=80 dport=13415 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=36.40.254.29 dst=49.124.141.5 sport=20623 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=36.40.254.29 sport=80 dport=20623 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=143.35.24.47 dst=49.124.141.5 sport=7582 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=143.35.24.47 sport=80 dport=7582 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=75.196.150.5 dst=49.124.141.5 sport=42994 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=75.196.150.5 sport=80 dport=42994 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=125.174.195.93 dst=49.124.141.5 sport=23926 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=125.174.195.93 sport=80 dport=23926 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=106.160.55.94 dst=49.124.141.5 sport=53334 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=106.160.55.94 sport=80 dport=53334 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=158.42.72.60 dst=49.124.141.5 sport=30871 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=158.42.72.60 sport=80 dport=30871 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=28.33.100.22 dst=49.124.141.5 sport=42076 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=28.33.100.22 sport=80 dport=42076 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=190.110.92.3 dst=49.124.141.5 sport=38085 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=190.110.92.3 sport=80 dport=38085 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=115.61.187.115 dst=49.124.141.5 sport=10521 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=115.61.187.115 sport=80 dport=10521 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=131.150.242.58 dst=49.124.141.5 sport=13791 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=131.150.242.58 sport=80 dport=13791 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=134.1.212.102 dst=49.124.141.5 sport=26224 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=134.1.212.102 sport=80 dport=26224 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=174.163.179.73 dst=49.124.141.5 sport=1803 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=174.163.179.73 sport=80 dport=1803 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=125.138.165.114 dst=49.124.141.5 sport=32631 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=125.138.165.114 sport=80 dport=32631 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=158.56.243.60 dst=49.124.141.5 sport=56856 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=158.56.243.60 sport=80 dport=56856 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=73.95.74.30 dst=49.124.141.5 sport=16440 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=73.95.74.30 sport=80 dport=16440 packets=0 bytes=0 mark=0 secmark=0 use=1
Search
Viewing all articles
Browse latest Browse all 60501

Trending Articles

Child Kidnapping: Amy McNeil was kidnapped on her way to school by 5 adults;...

February 5, 2017, 10:40 am

التين ސޫރަތުގެ ތަފްސީރު

April 2, 2020, 7:36 pm

Join Rice Puller Whatsapp Group (reply)

January 15, 2019, 12:03 pm

አዋጅ ቁጥር 881-2007 የሙስና ወንጀሎችን ለመደንገግ የወጣ አዋጅ

February 17, 2020, 7:49 am

Nalgonda District Police Office Mobile Numbers List in Telangana State

May 29, 2017, 8:30 pm

Muloraki Au

June 22, 2016, 1:44 am

OUR BRIGHT CHILDREN - Niharika D/o TP Rajesh, PEX AIR Kochi secured 97.8% in...

June 9, 2018, 2:50 am

[REQUEST] HP 625 F.21 BIOS Whitelist Removal - sp57760

May 7, 2013, 3:26 am

Neeli rangu cheeralona Lyrics and translation | GAV / Govindhudu andhari...

September 15, 2014, 8:20 am

Download New Album: Wizkid – Morayo (Full Album)

November 21, 2024, 4:59 pm

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

The Ten Commandments of Digital Control (Part 5)

June 27, 2019, 11:07 am

Mafia Hit List: The Top 15 Connecticut Mob Murders Of All-Time

April 9, 2019, 4:17 pm

Top 10 FBB OnlyFans & Muscle Girl OnlyFans in 2023

March 3, 2023, 11:29 am

Firmware Oficial para TV-Box K1 con sintonizador de Satélite DVB S2 (28-10-2015)

December 1, 2015, 10:59 pm

{Declared} Check RBSE Rajasthan Board 12th Arts Result 2016 @ rajresults.nic.in

May 27, 2016, 2:40 pm

Bureau of Internal Revenue: Regional Offices (Directory)

January 9, 2014, 11:06 pm

Download: Jay Miks ft Anicia – Nipundeko (MrRealBeats)

November 29, 2017, 6:36 pm

Alex Warren – Ordinary (Wedding Version) – Single [iTunes Plus M4A]

March 18, 2025, 12:12 pm

Actress Krissann Barretto Ties The Knot With Nathan Karamchandani In Dreamy...

April 23, 2024, 2:33 am
Search