我是被挂马了吗?
netstat -ano
有一堆这样的内容
tcp 0 1 10.0.4.17:51530 xx.85.24.15:6379 SYN_SENT on (0.90/0/0)
tcp 0 1 10.0.4.17:49974 xx.85.24.19:6379 SYN_SENT on (0.91/0/0)
tcp 0 1 10.0.4.17:58056 xx.85.21.118:6379 SYN_SENT on (0.75/0/0)
tcp 0 1 10.0.4.17:34884 xx.85.21.150:6379 SYN_SENT on (0.75/0/0)
tcp 0 1 10.0.4.17:42440 xx.85.24.121:6379 SYN_SENT on (0.93/0/0)
tcp 0 1 10.0.4.17:55696 xx.85.23.62:6379 SYN_SENT on (0.85/0/0)
tcp 0 1 10.0.4.17:43502 xx.85.24.193:6379 SYN_SENT on (0.94/0/0)
tcp 0 1 10.0.4.17:36658 xx.85.24.196:6379 SYN_SENT on (0.94/0/0)
tcp 0 1 10.0.4.17:53902 xx.85.25.20:6379 SYN_SENT on (0.97/0/0)
tcp 0 1 10.0.4.17:50098 xx.85.22.232:6379 SYN_SENT on (0.83/0/0)
tcp 0 1 10.0.4.17:40158 xx.85.23.202:6379 SYN_SENT on (0.89/0/0)
tcp 0 1 10.0.4.17:44094 xx.85.21.54:6379 SYN_SENT on (0.73/0/0)
tcp 0 1 10.0.4.17:56582 xx.85.23.69:6379 SYN_SENT on (0.85/0/0)
tcp 0 1 10.0.4.17:51224 xx.85.21.149:6379 SYN_SENT on (0.75/0/0)
网友说:
你就不能加个p吗?
网友说:
看不懂什么玩应
网友说:
ARP攻击
网友说:
看看那些 远程IP:6379 Redis ? 是不是你主动访问,要不是就是被入侵了.
网友说:
h20 发表于 2021-9-27 01:02
你就不能加个p吗?
tcp 0 1 10.0.4.17:45474 xx.203.160.0:6379 SYN_SENT – on (0.76/0/0)
tcp 0 1 10.0.4.17:34750 xx.203.161.177:6379 SYN_SENT – on (0.82/0/0)
tcp 0 1 10.0.4.17:46628 xx.203.160.245:6379 SYN_SENT – on (0.78/0/0)
tcp 0 1 10.0.4.17:49080 xx.203.159.89:6379 SYN_SENT – on (0.75/0/0)
tcp 0 1 10.0.4.17:41096 xx.203.162.46:6379 SYN_SENT – on (0.99/0/0)
tcp 0 1 10.0.4.17:34258 xx.203.161.28:6379 SYN_SENT – on (0.78/0/0)
tcp 0 1 10.0.4.17:41658 xx.203.159.121:6379 SYN_SENT – on (0.75/0/0)
tcp 0 1 10.0.4.17:52442 xx.203.162.55:6379 SYN_SENT – on (0.99/0/0)
tcp 0 1 10.0.4.17:46032 xx.203.162.122:6379 SYN_SENT – on (0.99/0/0)
tcp 0 1 10.0.4.17:49754 xx.203.160.45:6379 SYN_SENT – on (0.77/0/0)
网友说:
扫描别人的redis?
共有 0 条评论