Re: Connections suddenly increase
chris_at_nospam.com
Date: 10/20/04
- Next message: karan: "Cracks/Key Generators"
- Previous message: Walter Roberson: "Re: Access to parallel port in Linux and WinXP"
- Maybe in reply to: Jan Schloessin: "Re: Connections suddenly increase"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 20 Oct 2004 03:34:54 GMT
On 25 Sep 2004 07:21:28 -0700, moritz@uplink-verein.ch (moritz
gartenmeister) wrote:
>I run a Linux Bridge and run a script, which reads every minute
>/proc/sys/net/ipv4/netfilter/ip_conntrack_count and puts this number
>in a file.
>Now I have some 'strange' data:
>
>Numbers Wed Sep 22 13:59:11 CEST 2004 12098
>Numbers Wed Sep 22 14:00:11 CEST 2004 12137
>Numbers Wed Sep 22 14:01:11 CEST 2004 12215
>Numbers Wed Sep 22 14:02:11 CEST 2004 9990
>Numbers Wed Sep 22 14:03:11 CEST 2004 5518
>Numbers Wed Sep 22 14:04:11 CEST 2004 3262
>Numbers Wed Sep 22 14:05:11 CEST 2004 3215
>
>A really fast decrease of connections.
>
>Numbers Wed Sep 22 14:11:11 CEST 2004 4752
>Numbers Wed Sep 22 14:12:11 CEST 2004 11603
>Numbers Wed Sep 22 14:13:11 CEST 2004 17646
>
>And vice-versa...
>
>I think about a virus, bot, worm etc. But I am not sure about it. I
>have no rational explanation, why normal use of Internet would give
>such data.
>
>BTW: This connections are from a students dorm with about 500
>students/computers.
>
>Can anyone give me some light?
>
>thanks
>moritz
One of your students nmapping the world?
-Chris
- Next message: karan: "Cracks/Key Generators"
- Previous message: Walter Roberson: "Re: Access to parallel port in Linux and WinXP"
- Maybe in reply to: Jan Schloessin: "Re: Connections suddenly increase"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
