1780 connections from one IP


 
Thread Tools Search this Thread
Special Forums Cybersecurity 1780 connections from one IP
# 1  
Old 03-28-2014
1780 connections from one IP

Hello, one US IP having 1700+ connections when doing:

Code:
netstat -tn 2>/dev/null | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head

1780 *
... *
... *

i want to ask how to debug what this IP does?
# 2  
Old 04-01-2014
(The grep is a bit loose.) Maybe it is a proxy, router or firewall. A proxy hides and handles many users' browser connections. A common home/wifi router uses one IP for all the 192.168.*.* hosts behind it. A firewall can support several kinds of proxy-like features. OF course, a browser not using http/1.0 persistent can have many connections, but they are transient.
# 3  
Old 04-01-2014
Lightbulb

thx, question remains: "i want to ask how to debug what this IP does?"
# 4  
Old 04-01-2014
Well, what is it doing? Connecting to your apache? Check your logs.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Network Connections

I have a static IP 47.21.154.146 and two computers which I wish to talk to each other. The two IPs are 198.168.1.5 and 198.168.1.6. How do I do it. For example ls from one computer to the other. TIA (8 Replies)
Discussion started by: Meow613
8 Replies

2. Solaris

Passwordless connections

Hi All! Please help me with this situation: I have 3 servers configured with the following network 10.100.48.xx and I have configured on the passwordless connection, and it is working fine. Now the app vendor ask me to configure a 2nd IP address on each of the 3 servers with a different IP... (4 Replies)
Discussion started by: fretagi
4 Replies

3. AIX

connections on server

I am using AIX 5.3, its a application server, i am giving the support of OS & Hardware only, now i want to check how many connections are connected to my server, means how many people using my server.:confused: (4 Replies)
Discussion started by: reply.ravi
4 Replies

4. Red Hat

Too many CLOSE_WAIT connections

Hi, I am running JBOSS 6 ona RHEL5 server put it continuously crashes due to the number of CLOSE_WAIT connections on port 8080. How can I kill the several hundred CLOSE_WAIT connections without killing the actual live "LISTENING" connection? R, D. (2 Replies)
Discussion started by: Duffs22
2 Replies

5. SCO

UUCP connections

Hi There Is there a maximum number of concurrent incoming uucp connections to a server? SCO Openserver 5.07 Is there a parameter in some config file where this can be changed? Thanx (5 Replies)
Discussion started by: wjace
5 Replies

6. HP-UX

HP-UX: X connections...?

Hello All, I have 2 qries about X connections on HP-UX : 1.How/where to determine whether "X connections" to the server are controlled. 2. How/where to determine whether "X11 connection" are tunnelled via ssh. 3. How/where to determine the "Time in minutes before unattended X terminals... (0 Replies)
Discussion started by: abhayh
0 Replies

7. UNIX for Dummies Questions & Answers

Killing Connections

Say, for instance, that you are running a website. You are playing around, using netstat, etc. You notice all the people whom are connected to the site. You then wonder if there is a way to kill one or more of these connections. However, they are not PIDs so could you use the kill command? I was... (1 Reply)
Discussion started by: Phobos
1 Replies

8. UNIX for Dummies Questions & Answers

Establishing connections

Hello there, just a quick question.....Can someone please explain the concept that enables you to establish a connection using the same userId Thanx (1 Reply)
Discussion started by: BigTool4u2
1 Replies

9. UNIX for Dummies Questions & Answers

Threads v/s Connections

Can someone please explain the difference between a connection and a thread. Any explanation will help! Thanks (3 Replies)
Discussion started by: suntan
3 Replies

10. UNIX for Advanced & Expert Users

Trace connections

In my organization in order for anyone to go to any Unix server they have to go through "SERVER A" and login as themselves. Then people are free to go enywhere they please. For example: SERVER A, loggs in as himself telnets to SERVER B, loggs in as guest telnets to SERVER C, loggs in as... (8 Replies)
Discussion started by: jraitsev
8 Replies
Login or Register to Ask a Question