- 论坛徽章:
- 0
|
各位好:
这台服务器有两个网卡,eth0是接外网的,eth1是内网(跟另外一台服务器直连的)。
请帮忙看看messages的日志信息具体表示什么东东?
/var/log/messages下日志显示:
Jul 15 13:17:33 www kernel: martian source 10.0.0.2 from 10.0.0.3, on dev eth1
Jul 15 13:17:33 www kernel: ll header: ff:ff:ff:ff:ff:ff:00:0c:f1:dc:ee:5b:08:06
Jul 15 14:24:04 www kernel: martian source 10.0.0.2 from 10.0.0.3, on dev eth1
Jul 15 14:24:04 www kernel: ll header: ff:ff:ff:ff:ff:ff:00:0c:f1:dc:ee:5b:08:06
Jul 15 15:30:34 www kernel: martian source 10.0.0.2 from 10.0.0.3, on dev eth1
Jul 15 15:30:34 www kernel: ll header: ff:ff:ff:ff:ff:ff:00:0c:f1:dc:ee:5b:08:06
Jul 15 16:37:06 www kernel: martian source 10.0.0.2 from 10.0.0.3, on dev eth1
Jul 15 16:37:06 www kernel: ll header: ff:ff:ff:ff:ff:ff:00:0c:f1:dc:ee:5b:08:06
估计是被人攻击了,10.0.0.2 from 10.0.0.3这两个IP是不存在的。
eth1网卡的信息为:
eth1 Link encap:Ethernet HWaddr 00:E0:81:41:A8:67
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:86706103 errors:0 dropped:0 overruns:0 frame:0
TX packets:87777034 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1920416138 (1831.4 Mb) TX bytes:4035595959 (3848.6 Mb)
Interrupt:25 Base address:0x2040 Memory:dd220000-0
操作系统的信息为:
Red Hat Linux release 8.0 |
|