Is This Normal Or someone trying hard to crash server?
Recently someone from superb.net tried to login to server and now a days i get 20 to 30 spam emails in 1 min with interval of like 5 hours , and now when i do netstat -n all i see is one ip trying to use httpd ? Should i ban those ips or something else is wrong?
Code:
root@host [~]# netstat -n Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 216.86.146.185:80 206.77.2.57:61101 SYN_RECV tcp 0 0 216.86.146.185:80 206.77.0.155:23713 ESTABLISHED tcp 0 25016 216.86.146.185:80 205.155.15.250:9729 ESTABLISHED tcp 0 0 216.86.146.185:60327 204.16.32.225:80 TIME_WAIT tcp 0 0 216.86.146.185:59995 63.208.226.23:80 TIME_WAIT tcp 0 0 216.86.146.185:59575 64.233.167.104:80 TIME_WAIT tcp 0 0 216.86.146.185:59611 64.233.167.104:80 TIME_WAIT tcp 0 0 216.86.146.185:59608 64.233.167.104:80 TIME_WAIT tcp 0 0 216.86.146.185:60222 63.208.226.23:80 TIME_WAIT tcp 0 0 216.86.146.185:59497 64.233.167.104:80 TIME_WAIT tcp 0 0 216.86.146.185:59506 64.233.167.104:80 TIME_WAIT tcp 0 0 216.86.146.185:59510 64.233.167.104:80 TIME_WAIT tcp 0 0 216.86.146.185:59513 64.233.167.104:80 TIME_WAIT tcp 0 0 216.86.146.185:59772 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60325 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60345 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60308 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60364 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60217 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60210 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60215 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:59963 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:59979 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:59973 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:59987 80.67.74.21:80 TIME_WAIT tcp 0 0 216.86.146.185:60288 204.16.32.221:80 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.0.155:54663 TIME_WAIT tcp 1 1 216.86.146.185:80 69.45.32.209:29837 LAST_ACK tcp 0 0 216.86.146.185:80 206.77.2.57:61095 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61094 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61093 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61092 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61091 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61090 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61089 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61088 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61100 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61099 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61098 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61097 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61096 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61078 TIME_WAIT tcp 0 0 216.86.146.185:80 205.155.15.250:10355 ESTABLISHED tcp 0 0 216.86.146.185:80 206.77.2.57:61073 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61072 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61086 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61085 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61084 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61083 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61081 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61070 TIME_WAIT tcp 0 0 216.86.146.185:80 206.77.2.57:61069 TIME_WAIT tcp 1 1 216.86.146.185:80 69.45.32.209:30175 LAST_ACK tcp 0 0 216.86.146.185:80 206.77.0.155:14112 ESTABLISHED tcp 0 0 216.86.146.185:80 206.77.0.155:31499 TIME_WAIT tcp 1 13800 216.86.146.185:80 205.155.15.250:23005 CLOSE_WAIT tcp 0 5536 216.86.146.185:2121 70.64.0.166:2453 ESTABLISHED tcp 0 0 216.86.146.185:59512 64.233.187.99:80 TIME_WAIT tcp 0 0 216.86.146.185:59570 64.233.167.99:80 TIME_WAIT tcp 0 0 216.86.146.185:59600 64.233.167.99:80 TIME_WAIT tcp 0 0 216.86.146.185:59517 64.233.167.147:80 TIME_WAIT tcp 0 0 216.86.146.185:59507 64.233.167.147:80 TIME_WAIT tcp 0 0 216.86.146.185:59511 64.233.167.147:80 TIME_WAIT tcp 0 0 216.86.146.185:59502 64.233.167.147:80 TIME_WAIT tcp 0 0 216.86.146.185:59606 64.233.167.147:80 TIME_WAIT tcp 0 0 216.86.146.185:59780 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:59687 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60093 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:59959 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:59983 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:59970 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:59975 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60333 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60339 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60341 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60370 80.67.74.20:80 TIME_WAIT tcp 0 1 216.86.146.185:60373 80.67.74.20:80 SYN_SENT tcp 0 0 216.86.146.185:60195 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60216 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60208 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60209 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:60213 80.67.74.20:80 TIME_WAIT tcp 0 0 216.86.146.185:59785 204.16.32.222:80 TIME_WAIT tcp 0 0 216.86.146.185:59793 204.16.32.222:80 TIME_WAIT tcp 0 0 216.86.146.185:59755 204.16.32.222:80 TIME_WAIT tcp 0 0 216.86.146.185:60101 204.16.32.222:80 TIME_WAIT tcp 0 0 216.86.146.185:60106 204.16.32.222:80 TIME_WAIT tcp 0 0 216.86.146.185:60079 204.16.32.222:80 TIME_WAIT tcp 0 0 216.86.146.185:60087 204.16.32.222:80 TIME_WAIT tcp 1 36500 216.86.146.185:80 66.173.10.234:23915 CLOSE_WAIT tcp 0 0 216.86.146.185:59675 69.89.74.182:80 TIME_WAIT tcp 0 0 216.86.146.185:59697 69.89.74.182:80 TIME_WAIT tcp 0 0 216.86.146.185:59709 69.89.74.182:80 TIME_WAIT tcp 0 0 216.86.146.185:80 68.142.251.89:58319 TIME_WAIT tcp 0 0 216.86.146.185:80 68.142.249.11:42375 TIME_WAIT tcp 0 0 216.86.146.185:80 216.100.80.2:10784 ESTABLISHED tcp 0 0 216.86.146.185:59605 72.14.207.99:80 TIME_WAIT tcp 0 0 216.86.146.185:80 216.100.80.2:10778 ESTABLISHED tcp 0 0 216.86.146.185:59892 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:59972 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:59980 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:59991 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:59998 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60004 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60009 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60022 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60031 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:59943 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:59954 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:59964 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60237 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60242 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60244 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60246 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60247 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60249 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60250 66.139.78.32:80 TIME_WAIT tcp 0 0 216.86.146.185:60291 66.139.78.32:80 TIME_WAIT Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 9 [ ] DGRAM 175726827 /dev/log unix 2 [ ] DGRAM 261140720 unix 2 [ ] DGRAM 234046487 unix 3 [ ] STREAM CONNECTED 202900546 /var/lib/mysql/mysql.sock unix 3 [ ] STREAM CONNECTED 202900545 unix 3 [ ] STREAM CONNECTED 201547427 unix 3 [ ] STREAM CONNECTED 201547426 unix 3 [ ] STREAM CONNECTED 201547413 unix 3 [ ] STREAM CONNECTED 201547412 unix 2 [ ] DGRAM 201543317 unix 2 [ ] DGRAM 201523191 unix 2 [ ] DGRAM 175769950 unix 2 [ ] DGRAM 175733445 unix 2 [ ] DGRAM 175729468 unix 2 [ ] DGRAM 175727065 root@host [~]#
