Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 05-02-2024, 07:04 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega International Area / French Corner v / [Réglé] Attaque sur le port80

Post Reply 
[Réglé] Attaque sur le port80
Author Message
Sleement Offline
Member
*

Posts: 50
Joined: Dec 2009
Reputation: 0
Post: #1
[Réglé] Attaque sur le port80
Donc voici des détails supplémentaires tell que demandé.

# netstat -an | grep SYN
Code:
tcp        0      0 72.55.184.44:80         67.205.95.182:41954     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:49803     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:58392     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:35961     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:52446     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:34956     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:53456     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:38029     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:57507     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:58029     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:55317     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:33954     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:36377     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:39443     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:36953     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:33922     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:46363     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:47285     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:38272     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:42221     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:44364     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:40476     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:46453     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:59836     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:60754     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:43381     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:60707     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:46781     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:40623     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:34317     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:35701     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:57153     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:41125     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:52067     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:36457     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:59214     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:56943     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:42587     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:52703     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:41682     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:38387     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:48824     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:33820     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:37450     SYN_RECV
tcp        0      0 72.55.184.44:80         67.205.95.182:56444     SYN_RECV
Et sa continu de grossire ...

Legen ;
Ip serveur : 72.55.184.44
Ip de l'attaque : 67.205.95.182
Ip client (Moi) : 24.202.13.161

Log Debug
Code:
Jan 25 20:09:38 serveur1 kernel: [22326.606398] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=62593 DF PROTO=TCP SPT=57839 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.606437] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=57839 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.607141] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=62594 DF PROTO=TCP SPT=57839 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.607176] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=62595 DF PROTO=TCP SPT=57839 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.616360] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1597 DF PROTO=TCP SPT=44572 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.616360] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=44572 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.616360] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=1598 DF PROTO=TCP SPT=44572 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.616360] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=1599 DF PROTO=TCP SPT=44572 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.626604] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43706 DF PROTO=TCP SPT=37554 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.642604] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=40831 DF PROTO=TCP SPT=42381 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.789283] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=33284 DF PROTO=TCP SPT=55146 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.789283] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=29166 DF PROTO=TCP SPT=80 DPT=55146 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.859186] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=62596 DF PROTO=TCP SPT=57839 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.859186] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=2827 DF PROTO=TCP SPT=80 DPT=57839 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.865211] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=1600 DF PROTO=TCP SPT=44572 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:38 serveur1 kernel: [22326.865211] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=41106 DF PROTO=TCP SPT=80 DPT=44572 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:38 serveur1 kernel: [22327.127089] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=62228 DF PROTO=TCP SPT=80 DPT=36846 WINDOW=91 RES=0x00 ACK FIN URGP=0
Jan 25 20:09:38 serveur1 kernel: [22327.127181] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=27267 DF PROTO=TCP SPT=36846 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:39 serveur1 kernel: [22327.641811] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=63605 DF PROTO=TCP SPT=80 DPT=58462 WINDOW=91 RES=0x00 ACK FIN URGP=0
Jan 25 20:09:39 serveur1 kernel: [22327.642538] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=23626 DF PROTO=TCP SPT=58462 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:40 serveur1 kernel: [22328.408036] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=52251 DF PROTO=TCP SPT=36242 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:40 serveur1 kernel: [22328.408036] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=4401 DF PROTO=TCP SPT=80 DPT=36242 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.870491] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=43707 DF PROTO=TCP SPT=37554 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.870491] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=37554 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.870491] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=43708 DF PROTO=TCP SPT=37554 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.870491] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=43709 DF PROTO=TCP SPT=37554 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.870491] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=8754 DF PROTO=TCP SPT=80 DPT=37554 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.880048] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=56989 DF PROTO=TCP SPT=41409 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.880088] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=41409 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.880539] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=56990 DF PROTO=TCP SPT=41409 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.880787] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=56991 DF PROTO=TCP SPT=41409 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.880827] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=43173 DF PROTO=TCP SPT=80 DPT=41409 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.890013] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=44885 DF PROTO=TCP SPT=55229 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.890013] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=55229 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.890535] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=44886 DF PROTO=TCP SPT=55229 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.890782] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=44887 DF PROTO=TCP SPT=55229 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.890822] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=19103 DF PROTO=TCP SPT=80 DPT=55229 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.895283] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=33468 DF PROTO=TCP SPT=37763 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.895319] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=1520 DF PROTO=TCP SPT=80 DPT=37763 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.900537] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=11159 DF PROTO=TCP SPT=55352 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.900575] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=55352 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.901029] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=11160 DF PROTO=TCP SPT=55352 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.901278] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=11161 DF PROTO=TCP SPT=55352 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.901318] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=60146 DF PROTO=TCP SPT=80 DPT=55352 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.911554] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=24792 DF PROTO=TCP SPT=36537 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.911595] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=36537 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.912045] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=24793 DF PROTO=TCP SPT=36537 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.912291] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=24794 DF PROTO=TCP SPT=36537 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.912334] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=32295 DF PROTO=TCP SPT=80 DPT=36537 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.921760] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=53739 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.921760] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=40265 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.923015] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=53740 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.923051] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=53741 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.932248] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=5457 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.932248] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=53562 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.932248] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=5458 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.932248] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=5459 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22329.942506] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=9173 DF PROTO=TCP SPT=38149 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22330.014513] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=33285 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:41 serveur1 kernel: [22330.015222] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=15872 DF PROTO=TCP SPT=33285 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:41 serveur1 kernel: [22330.135351] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=53742 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:41 serveur1 kernel: [22330.145413] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=5460 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:42 serveur1 kernel: [22330.553362] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=53743 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:42 serveur1 kernel: [22330.563382] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=5461 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:42 serveur1 kernel: [22331.485052] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=53744 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:42 serveur1 kernel: [22331.495161] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=5462 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:43 serveur1 kernel: [22331.701041] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=49683 DF PROTO=TCP SPT=41850 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:43 serveur1 kernel: [22331.701041] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=8323 DF PROTO=TCP SPT=80 DPT=41850 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:43 serveur1 kernel: [22331.770670] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=56917 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:43 serveur1 kernel: [22331.771287] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=1719 DF PROTO=TCP SPT=56917 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:43 serveur1 kernel: [22332.009149] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=19530 DF PROTO=TCP SPT=47510 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:43 serveur1 kernel: [22332.019128] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=5030 DF PROTO=TCP SPT=34741 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:43 serveur1 kernel: [22332.326671] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=45056 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:43 serveur1 kernel: [22332.327309] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=7728 DF PROTO=TCP SPT=45056 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:44 serveur1 kernel: [22333.177279] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=43786 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:44 serveur1 kernel: [22333.178003] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=25232 DF PROTO=TCP SPT=43786 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:44 serveur1 kernel: [22333.362212] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=53745 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:44 serveur1 kernel: [22333.362212] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=9174 DF PROTO=TCP SPT=38149 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:44 serveur1 kernel: [22333.370615] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=5463 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:45 serveur1 kernel: [22333.850223] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=40265 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:45 serveur1 kernel: [22333.850875] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=53746 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:46 serveur1 kernel: [22334.857691] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=53562 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:46 serveur1 kernel: [22334.858309] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=5464 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:46 serveur1 kernel: [22334.996668] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=15873 DF PROTO=TCP SPT=33285 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.001662] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=36108 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.002501] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=56302 DF PROTO=TCP SPT=36108 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.121679] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=13676 DF PROTO=TCP SPT=43716 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.121679] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=43716 WINDOW=0 RES=0x00 RST URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.867071] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=53747 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.877045] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=5465 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.905166] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=25485 DF PROTO=TCP SPT=80 DPT=59816 WINDOW=91 RES=0x00 ACK FIN URGP=0
Jan 25 20:09:47 serveur1 kernel: [22336.909098] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=32623 DF PROTO=TCP SPT=59816 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:48 serveur1 kernel: [22337.724093] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=7478 DF PROTO=TCP SPT=80 DPT=55364 WINDOW=91 RES=0x00 ACK FIN URGP=0
Jan 25 20:09:48 serveur1 kernel: [22337.724182] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=58120 DF PROTO=TCP SPT=55364 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:49 serveur1 kernel: [22338.129262] BANDWIDTH_IN:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:ff:55:02:ae:08:00 SRC=72.55.184.60 DST=72.55.184.63 LEN=202 TOS=0x00 PREC=0x00 TTL=128 ID=36565 PROTO=UDP SPT=138 DPT=138 LEN=182
Jan 25 20:09:49 serveur1 kernel: [22338.129301] BANDWIDTH_IN:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:ff:55:02:ae:08:00 SRC=72.55.184.60 DST=72.55.184.63 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=36566 PROTO=UDP SPT=137 DPT=137 LEN=58
Jan 25 20:09:49 serveur1 kernel: [22338.324812] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=25233 DF PROTO=TCP SPT=43786 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:49 serveur1 kernel: [22339.040635] BANDWIDTH_IN:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:ff:55:02:ae:08:00 SRC=72.55.184.60 DST=72.55.184.63 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=36567 PROTO=UDP SPT=137 DPT=137 LEN=58
Jan 25 20:09:50 serveur1 kernel: [22339.740162] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=51823 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.740705] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=2789 DF PROTO=TCP SPT=51823 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.765680] BANDWIDTH_IN:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1b:21:45:87:94:08:00 SRC=72.55.184.48 DST=72.55.184.63 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=21457 PROTO=UDP SPT=138 DPT=138 LEN=209
Jan 25 20:09:50 serveur1 kernel: [22339.804660] BANDWIDTH_IN:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:03:ff:55:02:ae:08:00 SRC=72.55.184.60 DST=72.55.184.63 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=36568 PROTO=UDP SPT=137 DPT=137 LEN=58
Jan 25 20:09:50 serveur1 kernel: [22339.926920] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=9175 DF PROTO=TCP SPT=38149 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.926920] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=38149 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.926920] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=9176 DF PROTO=TCP SPT=38149 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.926920] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=9177 DF PROTO=TCP SPT=38149 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.937709] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12918 DF PROTO=TCP SPT=39713 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.937709] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=39713 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.937709] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=12919 DF PROTO=TCP SPT=39713 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.937709] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=12920 DF PROTO=TCP SPT=39713 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:50 serveur1 kernel: [22339.947961] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=32046 DF PROTO=TCP SPT=53854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jan 25 20:09:50 serveur1 kernel: [22340.139144] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=9178 DF PROTO=TCP SPT=38149 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:50 serveur1 kernel: [22340.139144] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=44954 DF PROTO=TCP SPT=80 DPT=38149 WINDOW=91 RES=0x00 ACK URGP=0
Jan 25 20:09:50 serveur1 kernel: [22340.159009] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=12921 DF PROTO=TCP SPT=39713 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:51 serveur1 kernel: [22340.420929] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=40265 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:51 serveur1 kernel: [22340.421654] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=53748 DF PROTO=TCP SPT=40265 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:51 serveur1 kernel: [22340.561258] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=12922 DF PROTO=TCP SPT=39713 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:51 serveur1 kernel: [22340.913065] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=66.249.71.106 DST=72.55.184.44 LEN=302 TOS=0x00 PREC=0x00 TTL=55 ID=47969 DF PROTO=TCP SPT=52975 DPT=80 WINDOW=92 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:52 serveur1 kernel: [22341.512782] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=12923 DF PROTO=TCP SPT=39713 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:52 serveur1 kernel: [22341.565614] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=53562 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:52 serveur1 kernel: [22341.566307] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=5466 DF PROTO=TCP SPT=53562 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:52 serveur1 kernel: [22341.723971] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=56303 DF PROTO=TCP SPT=36108 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:52 serveur1 kernel: [22341.965605] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=37410 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Jan 25 20:09:52 serveur1 kernel: [22341.966347] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=40924 DF PROTO=TCP SPT=37410 DPT=80 WINDOW=183 RES=0x00 ACK URGP=0
Jan 25 20:09:52 serveur1 kernel: [22342.021741] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=7729 DF PROTO=TCP SPT=45056 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:52 serveur1 kernel: [22342.031810] BANDWIDTH_IN:IN=eth0 OUT= MAC=00:0e:0c:bc:23:32:00:d0:04:01:ec:00:08:00 SRC=67.205.95.182 DST=72.55.184.44 LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=1720 DF PROTO=TCP SPT=56917 DPT=80 WINDOW=183 RES=0x00 ACK PSH URGP=0
Jan 25 20:09:53 serveur1 kernel: [22342.829096] BANDWIDTH_OUT:IN= OUT=eth0 SRC=72.55.184.44 DST=67.205.95.182 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=80 DPT=52365 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Aucune ne trace de ces connexions la dans apache même rien dans access.log

On peut voir les connexions transitant vers le port 80 du serveur. Mais reste que je peux seulement les trouvé au niveau des logs suivant ;
Dir /var/log/
debug
bandwidth
kern.log
Pourquoi je ne peux pas voir ces connexion autre part que dans ces trois log. Ya t'il un moyen pour se prémunir de se genre d'attaque. Sans trop m'avancé j'imagine qu'il s’agit d'une d'attaque type DDoS.

Merci pour votre aide et patience envers moi !! Je sais que je ne suis pas facile des fois. Mais faux aussi comprendre que c'est frustrant mais je ne lâcherais pas la patate tant que je n’aurais pas mis fin a tout sa.


Produit de sécurité installé !!!
mod_security2, Fail2ban, Filtre Iptables,
(This post was last modified: 01-28-2010 03:06 AM by Sleement.)
01-24-2010 09:09 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Nuxwin
Unregistered

 
Post: #2
RE: Systeme intermittemment
(01-24-2010 09:09 AM)Sleement Wrote:  Bonjour,
petit problème !!

Mon système ne me répond intermittemment de plus tout fonctionne pourtant svp.

Merci

Salut David ;

Tu pourrais être plus explicite ? J'ai rien compris...

Cordialement ;
01-25-2010 12:45 AM
Quote this message in a reply
Sleement Offline
Member
*

Posts: 50
Joined: Dec 2009
Reputation: 0
Post: #3
RE: Systeme intermittemment
Rien a faire j'ai bloqué l'ip dans iptables et sa continue. Ya pas quelque chose simple ou compliqué a faire de l'aide je sais pus quoi faire je nages dans le néan.
Bonjour,
Il semble que j’ai tout de même réussi a réglé le problème. Un fichier de sécurité n’était pas activé par default dans debian. Je vais vous confirmé plus tard.
Non en fait rien ne fonctionne fausse joie.
L'attaque vien de recomencé.
Bonjour,
Me revoillà.

Code:
# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
      1 Address
      1 servers)
      1 24.202.13.161
      3 86.210.25.129
      1 209.172.41.200
    311 67.205.95.182

J’ai fait une petite enquête sur mon problème il semblerait que peut être plusieurs aurait le même problème. J’ai testé moi-même sur un autre site 1 minute ou deux et on dirait bien qu’i ya pas juste moi.
Ceci dit l'attaque reçu consiste a se connecté mais sans demandé de requête à apache. Tout simplement apache patiente accumule les connexions et les mets en attente et voilà apache ne fonction plus. Apache écrie dans les logs seulement les connexions ayans demandé une requête. Une belle faille de sécurité pour apache. J'ai fait quelque petite recherche, Il ne semble pas existé de recette miracle, mais vous pouvez toujours limiter les dégâts en mettant en place des filtres avec iptables.
01-26-2010 09:09 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Nuxwin
Unregistered

 
Post: #4
RE: Attaque sur le port80
Bonjour ;

Tu ne peux pas parler de faille car il ne s'agit pas de cela. Dans ce cas, tous les services réseaux ont cette failles. Ici, il s'agit simplement de configuration.

Comme tu le dis, il n'y pas de recette miracle mais il est toutefois possible de configurer convenablement Apache pour limiter les dégâts. Comme je te l'ai dit hier, il te suffit de limiter le nombre de connexions simultanées ainsi que le nombre de connexions persistantes (cf Params MaxClient && MaxKeepAliveRequests d'apache ).

Il existe plusieurs solutions pour sécuriser* les sites victimes d'attaques DoS, notamment au niveau d'apache lui-même.

* Il serait plus juste de dire essayer de sécuriser.
Exemple (prefork):

Code:
MaxClients 150
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5

Note: IspCP utilise le module worker. Fais attention à ce que tu fais.

Bien entendu, tu peux passer via netfilter et créer des règles de filtrage beaucoup plus agressives mais dans ce cas, tu risque de refuser des requêtes légitimes, notamment pour les utilisateurs qui se trouvent derrière un serveur mandataire (proxy).

Je n'ai malheureusement pas eu le temps de faire quoi que ce soit sur ton serveur hier soir. Je suis très occupé en ce moment. Je suis désolé.
01-27-2010 11:35 PM
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication