Quantcast
Channel: LowEndTalk
Viewing all articles
Browse latest Browse all 60542

How to find real IP/domU with ip_conntrack?

November 23, 2013, 12:04 am
$
0
0

Hello

I'v a Xen VPS node server with high ip_conntrack, I need find out which client cause this. below is the ip_conntrack 1% result. It easy to find there is a client use his vps attack 49.124.141.5, but how to find the real ip/domU behind? Thanks for any advice!

cat /proc/net/ip_conntrack;

tcp 6 431428 ESTABLISHED src=221.105.137.74 dst=49.124.141.5 sport=13415 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=221.105.137.74 sport=80 dport=13415 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=36.40.254.29 dst=49.124.141.5 sport=20623 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=36.40.254.29 sport=80 dport=20623 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=143.35.24.47 dst=49.124.141.5 sport=7582 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=143.35.24.47 sport=80 dport=7582 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=75.196.150.5 dst=49.124.141.5 sport=42994 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=75.196.150.5 sport=80 dport=42994 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=125.174.195.93 dst=49.124.141.5 sport=23926 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=125.174.195.93 sport=80 dport=23926 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=106.160.55.94 dst=49.124.141.5 sport=53334 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=106.160.55.94 sport=80 dport=53334 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=158.42.72.60 dst=49.124.141.5 sport=30871 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=158.42.72.60 sport=80 dport=30871 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=28.33.100.22 dst=49.124.141.5 sport=42076 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=28.33.100.22 sport=80 dport=42076 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=190.110.92.3 dst=49.124.141.5 sport=38085 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=190.110.92.3 sport=80 dport=38085 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=115.61.187.115 dst=49.124.141.5 sport=10521 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=115.61.187.115 sport=80 dport=10521 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=131.150.242.58 dst=49.124.141.5 sport=13791 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=131.150.242.58 sport=80 dport=13791 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431428 ESTABLISHED src=134.1.212.102 dst=49.124.141.5 sport=26224 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=134.1.212.102 sport=80 dport=26224 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=174.163.179.73 dst=49.124.141.5 sport=1803 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=174.163.179.73 sport=80 dport=1803 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=125.138.165.114 dst=49.124.141.5 sport=32631 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=125.138.165.114 sport=80 dport=32631 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=158.56.243.60 dst=49.124.141.5 sport=56856 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=158.56.243.60 sport=80 dport=56856 packets=0 bytes=0 mark=0 secmark=0 use=1
tcp 6 431429 ESTABLISHED src=73.95.74.30 dst=49.124.141.5 sport=16440 dport=80 packets=1 bytes=40 [UNREPLIED] src=49.124.141.5 dst=73.95.74.30 sport=80 dport=16440 packets=0 bytes=0 mark=0 secmark=0 use=1
Search
Viewing all articles
Browse latest Browse all 60542

Trending Articles

Moondru Mudichu 07-06-2016 – Polimer tv Serial

June 7, 2016, 9:10 am

SUPREME COURT RULES AGAINST O’NEILL GOVERNMENT

September 6, 2015, 2:15 pm

SPYAIR – RAGE OF DUST [Mora FLAC 24bit/96kHz]

December 8, 2016, 5:30 am

Main Rahoon ya Na Rahun Lyrics Translation | Bas Itna Hai Tumse Kehna

December 9, 2015, 10:40 am

22-06-2015 – Moondru Mudichu Serial

June 21, 2015, 6:54 am

My Sisters Plan For Me To Smell Her Feet (Fiction): Part 1,2,3 and 4!!!

October 26, 2014, 4:39 am

Download: Enalia – Malumbo

December 7, 2018, 2:14 am

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Rajasthan Board 12th Science Result 2018 name wise- RBSE 12th commerce result...

May 26, 2018, 9:35 pm

Ulster's King Coke Barney 'Rubble' Morgan leaves mansion to rot

March 13, 2014, 6:16 am

Black Angus Grilled Artichokes

July 16, 2016, 4:37 pm

Tavalequ

February 10, 2023, 10:58 am

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

Ummet Ozcan – Ocean’s Voice – Single [iTunes Plus M4A]

March 6, 2025, 5:11 pm

Critical Reasoning (CR) | Re: Outsourcing is the practice of obtaining from...

March 9, 2024, 2:32 am

Is DongFang Bubai better than the Greats in Condor heroes trilogy?

September 8, 2017, 10:38 am

Nalgonda District Police Office Mobile Numbers List in Telangana State

May 29, 2017, 8:30 pm

Felon with a Loaded Firearm Arrested Near Ohlone Greenway

February 11, 2025, 11:16 am

Júnior Porciúncula W-10 KONTAKT

February 14, 2020, 2:50 pm

hi bro file toyota 89663-60090

September 25, 2024, 6:15 pm
Search