syn flood?
Marek Hevier
ktulu na pobox.sk
Sobota Listopad 8 20:30:47 CET 2003
Zdravim znovu celu konferu....
mam tu problem, s ktorym neviem zatial pohnut...
Na server jednoducho neprichadza posta, a odchodziu server posle, iba
z jednej domeny ju vracia.
Mam RH71 a pouzivam sendmail.
vypis logov pre onu spominanu domenu:
Nov 5 20:27:25 uhra sendmail[22497]: hA4MiIa15795:
to=<vjanco na post.sk>, ctladdr=<vladus na uhra.mtf.stuba.sk> (518/45),
delay=20:43:07, xdelay=00:00:01, mailer=esmtp, pri=103531122,
relay=smtp.post.sk. [217.67.20.134], dsn=4.0.0, stat=Deferred:
Connection refused by smtp.post.sk.
Mam podozrenie ze to moze suvisiet nejak s DOS utokom, pretoze po
netstatnuti dostanem nasledovny vysledok:
tcp 0 0 0.0.0.0:22 0.0.0.0:*
LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:*
LISTEN
tcp 0 0 147.175.139.10:25 12.129.205.51:11557
SYN_RECV
tcp 0 0 147.175.139.10:25 62.168.28.239:4859
SYN_RECV
tcp 0 0 147.175.139.10:25 12.129.205.60:19703
SYN_RECV
tcp 0 0 147.175.139.10:25 62.168.28.239:4860
SYN_RECV
tcp 0 0 147.175.139.10:25 64.156.187.151:51089
SYN_RECV
tcp 0 0 147.175.139.10:25 12.129.205.67:25883
SYN_RECV
tcp 0 0 147.175.139.10:25 12.129.205.45:38839
SYN_RECV
tcp 0 0 147.175.139.10:25 12.129.205.69:49654
SYN_RECV
tcp 0 0 147.175.139.10:25 12.129.205.58:8259
SYN_RECV
tcp 0 0 147.175.139.10:25 212.5.216.21:46416
SYN_RECV
zapis v /etc/hosts.allow
sendmail: all EXCEPT PARANOID
vie mi niekto pomoct? vopred dakujem
Marek
------------------------------------------------
Careful what you wish
careful what you say
you may regret it...
___________________________ @-'--}---
====================== REKLAMA =================================
Vyrazne zlavy pocitacov a prislusenstva
Sun Fire V210 server v cenach uz od 125.000,- Sk bez DPH
Navstivte nas na adrese http://www.somi.sk/sun/lowend_servery.php
================================================================
Další informace o konferenci Sendmail