A lot of UDP traffic from unknown IPs

I found heavy activity on my server: 60 Mbit of bandwidth being used by UDP connections alone.

Neither 172.37.3.11.2001 nor 239.1.3.3.1234 is my IP; they are not even on my network.

Could you please explain what this could be and how to resolve it :( Thank you very much

tcpdump -i eth5

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth5, link-type EN10MB (Ethernet), capture size 262144 bytes
17:14:35.944467 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.944511 IP 172.37.3.11.2001 > 239.1.3.15.1234: UDP, length 1316
17:14:35.944533 IP 172.37.3.11.2001 > 239.1.3.11.1234: UDP, length 1316
17:14:35.944589 IP 172.37.3.11.2001 > 239.1.3.5.1234: UDP, length 1316
17:14:35.944600 IP 172.37.3.11.2001 > 239.1.3.1.1234: UDP, length 1316
17:14:35.944602 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.944656 IP 172.37.3.11.2001 > 239.1.3.3.1234: UDP, length 1316
17:14:35.944701 IP 172.37.3.11.2001 > 239.1.3.1.1234: UDP, length 1316
17:14:35.944766 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.944833 IP 172.37.3.11.2001 > 239.1.3.3.1234: UDP, length 1316
17:14:35.944851 IP 172.37.3.11.2001 > 239.1.3.1.1234: UDP, length 1316
17:14:35.944929 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.945001 IP 172.37.3.11.2001 > 239.1.3.1.1234: UDP, length 1316
17:14:35.945028 IP 172.37.3.11.2001 > 239.1.3.3.1234: UDP, length 1316
17:14:35.945092 IP 172.37.3.11.2001 > 239.1.3.5.1234: UDP, length 1316
17:14:35.945093 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.945158 IP 172.37.3.11.2001 > 239.1.3.1.1234: UDP, length 1316
17:14:35.945223 IP 172.37.3.11.2001 > 239.1.3.3.1234: UDP, length 1316
17:14:35.945258 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.945286 IP 172.37.3.11.2001 > 239.1.3.15.1234: UDP, length 1316

with -vv

17:48:53.978797 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.14.1234: [no cksum] UDP, length 1316
17:48:53.978846 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.12.1234: [no cksum] UDP, length 1316
17:48:53.979075 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.74.1234: [no cksum] UDP, length 1316
17:48:53.979213 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.38.1234: [no cksum] UDP, length 1316
17:48:53.979275 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.42.1234: [no cksum] UDP, length 1316
17:48:53.979332 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.40.1234: [no cksum] UDP, length 1316
17:48:53.979351 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.32.1234: [no cksum] UDP, length 1316
17:48:53.979405 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    172.37.3.11.2001 > 239.1.3.16.1234: [no cksum] UDP, length 1316
17:48:53.979789 IP (tos 0x0, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 1344)
    
by David Ambarsumov 24.05.2017 / 16:19

0 answers
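A way to triage a capture like the one in the question, as an added example that is not part of the original post: it parses tcpdump's default one-line UDP output, totals packets and payload bytes per flow, and marks destinations that are IP multicast groups (224.0.0.0/4, which includes the 239.x.x.x addresses shown). The sample lines are constructed from the format in the post; the 10.0.0.x unicast line and the function name `summarize` are assumptions added for contrast.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in tcpdump's default one-line format, modelled on the post.
SAMPLE = """\
17:14:35.944467 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.944511 IP 172.37.3.11.2001 > 239.1.3.15.1234: UDP, length 1316
17:14:35.944602 IP 172.37.3.11.2001 > 239.1.3.7.1234: UDP, length 1316
17:14:35.945001 IP 10.0.0.5.53124 > 10.0.0.9.53: UDP, length 40
"""

LINE = re.compile(
    r"^(\d+):(\d+):(\d+\.\d+) IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > "
    r"(\d+\.\d+\.\d+\.\d+)\.(\d+): UDP, length (\d+)$"
)

def summarize(text):
    """Total UDP payload per (src, dst, dport) and flag multicast destinations."""
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0})
    times = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # banner lines, -vv header lines, truncated lines
        h, mi, s, src, _sport, dst, dport, length = m.groups()
        times.append(int(h) * 3600 + int(mi) * 60 + float(s))
        flow = flows[(src, dst, int(dport))]
        flow["packets"] += 1
        flow["bytes"] += int(length)
    # Capture window in seconds (assumes the capture does not cross midnight).
    window = max(times) - min(times) if len(times) > 1 else 0.0
    rows = [
        {"src": src, "dst": dst, "dport": dport,
         "multicast": ipaddress.ip_address(dst).is_multicast, **flow}
        for (src, dst, dport), flow in flows.items()
    ]
    rows.sort(key=lambda r: r["bytes"], reverse=True)
    return rows, window

if __name__ == "__main__":
    rows, window = summarize(SAMPLE)
    for r in rows:
        kind = "multicast" if r["multicast"] else "unicast"
        print(f'{r["src"]} -> {r["dst"]}:{r["dport"]} {kind} '
              f'{r["packets"]} pkts {r["bytes"]} bytes')
    print(f"capture window: {window:.6f} s")
```

Feed it the saved text of `tcpdump -n -i eth5` to see which groups and which sender account for the bandwidth.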