服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 每秒有数百个条目的Auth.log
Intereting Posts
HP服务器关注指示灯是否闪烁? 什么是“应用程序防火墙”? 2Rx4 DDR2 ECC内存是否与socketsLGA771上的Intel Xeon兼容? 将Hyper-V虚拟机托pipe给客户 Linux:/ sbin / dhclient绑定到特定的接口? 使用Windows Server 2012 R2进行不可靠的内部DNSlogging查找 logrotate语法错误附近的意外令牌`20' 主机服务器IP地址不匹配Alogging,但仍然解决,网站加载好吗? SimpleSamlPHP Apache 403客户端被服务器拒绝 如何让Windows Server 2003 IIS在Apache中与SSL兼容 天青cli错误,而上传 带有DRBD / Pacemaker / Corosync 2节点群集的STONITH 如何使用PowerShell设置安全组的电子邮件地址? 在fedora10上安装openfire Mysql:GRANT命令拒绝用户'root'@'dhcp-xxxx。<company>'表'testtable'

每秒有数百个条目的Auth.log

由于来自许多不同IP的不断input,我的validation日志变得超级重(每个文件80G)。 

Jun 20 14:00:36 localhost pluto[1796]: packet from 180.30.141.75:20532: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 217.7.68.178:33733: not enough room in input packet for ISAKMP Message (remain=26, sd->size=28) Jun 20 14:00:36 localhost pluto[1796]: packet from 217.7.68.178:33733: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 217.7.68.178:33733: next payload type of ISAKMP Message has an unknown value: 76 (0x4c) Jun 20 14:00:36 localhost pluto[1796]: packet from 217.7.68.178:33733: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 61.8.76.134:27325: not enough room in input packet for ISAKMP Message (remain=26, sd->size=28) Jun 20 14:00:36 localhost pluto[1796]: packet from 61.8.76.134:27325: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 103.21.206.53:27430: not enough room in input packet for ISAKMP Message (remain=26, sd->size=28) Jun 20 14:00:36 localhost pluto[1796]: packet from 103.21.206.53:27430: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 183.108.222.31:40693: not enough room in input packet for ISAKMP Message (remain=26, sd->size=28) Jun 20 14:00:36 localhost pluto[1796]: packet from 183.108.222.31:40693: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 219.85.139.163:43305: not enough room in input packet for ISAKMP Message (remain=26, sd->size=28) Jun 20 14:00:36 localhost pluto[1796]: packet from 219.85.139.163:43305: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 61.8.76.134:45894: next payload type of ISAKMP Message has an unknown value: 30 (0x1e) Jun 20 14:00:36 localhost pluto[1796]: packet from 61.8.76.134:45894: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 219.85.139.163:43305: next payload type of ISAKMP Message has an unknown value: 126 (0x7e) Jun 20 14:00:36 localhost pluto[1796]: packet from 219.85.139.163:43305: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 124.80.133.178:49554: not enough room in input packet for ISAKMP Message (remain=26, sd->size=28) Jun 20 14:00:36 localhost pluto[1796]: packet from 124.80.133.178:49554: Received packet with mangled IKE header - dropped Jun 20 14:00:36 localhost pluto[1796]: packet from 124.80.133.178:49554: exchange type of ISAKMP Message has an unknown value: 45 (0x2d) Jun 20 14:00:36 localhost pluto[1796]: packet from 124.80.133.178:49554: Received packet with mangled IKE header - dropped

我不知道我是否是DDOS,如果我是,我可以保护自己。

这就是所有与IPSec相关的stream量。 你使用IPSec? 如果没有,只需对入站stream量实施适当的限制性防火墙,日志将停止。 如果您正在使用IPSec,则可能会创build一个防火墙白名单,以限制连接到您需要接受stream量的IP地址。