Hace varios dias experimento una carga en un servidor muchas veces en estos logs aparece mi IP. y lo que hago es tener 10 ventanas abiertas en alguna de estas paginas que alojo en el server.
Código:
Cuando las banneo muchas veces he de bannear ips normales. Antes no salian estos mensajes en los logs.Oct 15 12:14:00 server kernel: ** SANITY ** IN= OUT=eth0 SRC=ipservidor DST=190.253.154.255 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=50755 WINDOW=5840 RES=0x00 ACK SYN URGP=0 Oct 15 12:14:00 server kernel: ** SDROP ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=67.210.12.123 DST=ipservidor LEN=73 TOS=0x00 PREC=0x00 TTL=47 ID=37149 PROTO=UDP SPT=57243 DPT=53 LEN=53 Oct 15 12:14:00 server kernel: ** P2P ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=77.209.96.231 DST=ipservidor LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=16518 DF PROTO=TCP SPT=4667 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 Oct 15 12:14:02 server kernel: ** P2P ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=201.222.246.175 DST=ipservidor LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=29670 DF PROTO=TCP SPT=4661 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Oct 15 12:14:02 server kernel: ** SANITY ** IN= OUT=eth0 SRC=ipservidor DST=190.253.154.255 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=50755 WINDOW=5840 RES=0x00 ACK SYN URGP=0 Oct 15 12:14:05 server kernel: ** P2P ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=201.222.246.175 DST=ipservidor LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=30149 DF PROTO=TCP SPT=4661 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Oct 15 12:14:06 server kernel: ** P2P ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=77.209.96.231 DST=ipservidor LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=16629 DF PROTO=TCP SPT=4667 DPT=80 WINDOW=16384 RES=0x00 SYN URGP=0 Oct 15 12:14:07 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:07 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:07 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:07 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:07 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:08 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:08 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:08 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:09 server kernel: ** SANITY ** IN= OUT=eth0 SRC=ipservidor DST=190.253.154.255 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=50755 WINDOW=5840 RES=0x00 ACK SYN URGP=0 Oct 15 12:14:11 server kernel: ** P2P ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=201.222.246.175 DST=ipservidor LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=31264 DF PROTO=TCP SPT=4661 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Oct 15 12:14:21 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:21 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:21 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:21 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:21 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:22 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:22 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:22 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:28 server named[1981]: lame server resolving '116.230.79.200.in-addr.arpa' (in '230.79.200.in-addr.arpa'?): 200.95.144.4#53 Oct 15 12:14:38 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:39 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:39 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:39 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:39 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:14:39 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:39 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 84.232.79.227#53 Oct 15 12:14:40 server named[1981]: lame server resolving '199.98.232.84.in-addr.arpa' (in '98.232.84.in-addr.arpa'?): 89.29.160.2#53 Oct 15 12:15:19 server kernel: ** P2P ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=190.179.200.175 DST=ipservidor LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=23544 DF PROTO=TCP SPT=2323 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 Oct 15 12:15:22 server kernel: ** P2P ** IN=eth0 OUT= MAC=00:11:43:fd:36:f0:00:0c:db:6d:fe:40:08:00 SRC=190.179.200.175 DST=ipservidor LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=23759 DF PROTO=TCP SPT=2323 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Obvio no uso P2P.
Cada que se satura el servidor (mysql) voy a los logs y veo muchas lineas como estas. que antes no salian "un mes a la fecha"