一次观察NETGEAR的log引起的小排查-创新互联
一直从51CTO获取各种能量,几年前也暗暗下决心要写些有用的出来分享给大家。后来一直各种原因未能如愿,今天就先分享一个小case,只是记录一下这个事情,如果这个小case可以帮助到一些人也是很好的 : )
创新互联是一家业务范围包括IDC托管业务,网页空间、主机租用、主机托管,四川、重庆、广东电信服务器租用,电信机房托管,成都网通服务器托管,成都服务器租用,业务范围遍及中国大陆、港澳台以及欧美等多个国家及地区的互联网数据服务公司。首先说结论:
[Site allowed: pss.alicdn.com] from source10.0.0.6, Tuesday, Oct 31,2017 13:13:24
[Site allowed: gm.mmstat.com] from source10.0.0.6, Tuesday, Oct 31,2017 13:12:38
[LAN access from remote] from180.166.203.34:27842 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:46
[LAN access from remote] from180.168.204.233:44983 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:46
[LAN access from remote] from116.227.132.241:54087 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:36
[LAN access from remote] from182.141.198.193:13795 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:35
[LAN access from remote] from101.81.29.75:53954 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:26
[LAN access from remote] from182.141.198.193:13777 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:26
[LAN access from remote] from182.141.198.193:14396 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:26
[LAN access from remote] from180.166.203.34:5217 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:16
[LAN access from remote] from180.168.204.233:44963 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:16
[LAN access from remote] from116.227.132.241:53702 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:11:06
[LAN access from remote] from 101.81.29.75:53790to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:56
[LAN access from remote] from180.175.6.58:52103 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:56
[LAN access from remote] from180.166.203.34:45697 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:46
[LAN access from remote] from180.168.204.233:44952 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:46
[LAN access from remote] from117.42.108.159:4466 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:42
[LAN access from remote] from117.42.108.159:51342 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:42
[LAN access from remote] from124.79.39.187:49701 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:36
[LAN access from remote] from116.227.132.241:53421 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:36
[LAN access from remote] from180.175.212.180:54779 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:36
[LAN access from remote] from124.236.156.4:10585 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:31
[LAN access from remote] from101.81.29.75:53673 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:10:26
[LAN access from remote] from47.93.39.123:42742 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:09:08
[LAN access from remote] from47.93.39.123:10001 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:09:08
[LAN access from remote] from 47.93.32.48:10002to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:09:02
[LAN access from remote] from47.93.32.48:57248 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:09:02
[LAN access from remote] from47.93.37.222:58968 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:08:56
[LAN access from remote] from47.93.37.222:10001 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:08:56
[Site allowed: 47.92.21.16] from source10.0.0.6, Tuesday, Oct 31,2017 13:08:54
[LAN access from remote] from47.93.36.75:56338 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:08:50
[LAN access from remote] from123.56.3.233:10002 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:08:44
[LAN access from remote] from123.56.3.233:58070 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:08:44
[Site allowed: pis.alicdn.com] from source10.0.0.6, Tuesday, Oct 31,2017 13:08:44
[Site allowed: pcs-sdk-server.alibaba.com]from source 10.0.0.6, Tuesday, Oct 31,2017 13:08:29
[Site allowed: filesupload.b0.upaiyun.com]from source 10.0.0.6, Tuesday, Oct 31,2017 13:08:25
[Site allowed: pc.ad-safe.com] from source10.0.0.6, Tuesday, Oct 31,2017 13:08:25
[DHCP IP: (10.0.0.6)] to MAC addressC8:60:00:DE:0B:69, Tuesday, Oct 31,2017 13:08:25
[LAN access from remote] from36.62.91.114:35954 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:08:20
[LAN access from remote] from36.62.91.114:37431 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:08:20
[LAN access from remote] from114.82.32.214:50969 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:51
[LAN access from remote] from180.137.26.202:4408 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:45
[LAN access from remote] from116.224.135.178:59529 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:41
[LAN access from remote] from61.172.177.131:52028 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:41
[LAN access from remote] from 116.236.133.178:10921to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:40
[LAN access from remote] from180.137.26.202:1931 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:36
[LAN access from remote] from180.137.26.202:4407 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:36
[LAN access from remote] from139.226.64.15:35064 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:31
[LAN access from remote] from116.236.133.178:10920 to 10.0.0.6:4466, Tuesday, Oct 31,2017 13:06:31
抱着验证的想法,回到家,试着故意开着电脑,开着优酷客户端,但不进行播放视频。锁定以后观察日志,发现原来是优酷客户端的原因,即使没有人观看,还是会和外界通信上传分享带宽。马上改设置,改成只要点击关闭优酷客户端就马上推出程序(默认是点击关闭按钮继续保持在后台运行)。问题解决。
另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
网站名称:一次观察NETGEAR的log引起的小排查-创新互联
网页链接:http://hbruida.cn/article/giidj.html