Sponsored Content
Top Forums UNIX for Advanced & Expert Users Nearly Random, Uncorrelated Server Load Average Spikes Post 303044207 by Neo on Sunday 16th of February 2020 09:52:47 PM
Old 02-16-2020
Update:

Experienced (and trapped) another spike from another Chinese IP address (which is at the top of the "hitcount" list during the spikes):

Nearly Random, Uncorrelated Server Load Average Spikes-screen-shot-2020-02-17-95106-amjpg


Code:
116.232.48.112

with the same user agent string as before:

Code:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36

Nearly Random, Uncorrelated Server Load Average Spikes-screen-shot-2020-02-17-94331-amjpg


Yesterday, as reader who follow this caper my call recall, I blocked two Chinese subnetworks /24

Code:
iptables -A INPUT -s 117.144.138.130/24 -j DROP  #  rogue chinese bot
iptables -A INPUT -s 116.232.49.231/24 -j DROP  #  rogue chinese bot

Now, we see rouge, unidentified bot activity from 116.232.48.112, more than likely in the same data center.

So, I will change the block to:

Code:
iptables -A INPUT -s 117.144.138.130/24 -j DROP  #  rogue chinese bot
iptables -A INPUT -s 116.232.49.231/22 -j DROP  #  rogue chinese bot

... let's what what they do next...... I am interested to learn if "they" are manually shifting servers or this is an automatic response to the block.
This User Gave Thanks to Neo For This Post:
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

load average

we have an unix system which has load average normally about 20. but while i am running a particular unix batch which performs heavy operations on filesystem and database average load reduces to 15. how can we explain this situation? while running that batch idle cpu time is about %60-65... (0 Replies)
Discussion started by: gfhgfnhhn
0 Replies

2. UNIX for Dummies Questions & Answers

Load Average

Hello all, I have a question about load averages. I've read the man pages for the uptime and w command for two or three different flavors of Unix (Red Hat, Tru64, Solaris). All of them agree that in the output of the 2 aforementioned commands, you are given the load average for the box, but... (3 Replies)
Discussion started by: Heathe_Kyle
3 Replies

3. UNIX for Dummies Questions & Answers

top - Load average

Hello, Here is the output of top command. My understanding here is, the load average 0.03 in last 1 min, 0.02 is in last 5 min, 0.00 is in last 15 min. By seeing this load average, When can we say that, the system load averge is too high? When can we say that, load average is medium/low??... (8 Replies)
Discussion started by: govindts
8 Replies

4. Solaris

load average query.

Hi, i have installed solaris 10 on t-5120 sparc enterprise. I am little surprised to see load average of 2 or around on this OS. when checked with ps command following process is using highest CPU. looks like it is running for long time and does not want to stop, but I do not know... (5 Replies)
Discussion started by: upengan78
5 Replies

5. UNIX for Dummies Questions & Answers

Please Help me in my load average

Hello AlL,.. I want from experts to help me as my load average is increased and i dont know where is the problem !! this is my top result : root@a4s # top top - 11:30:38 up 40 min, 1 user, load average: 3.06, 2.49, 4.66 Mem: 8168788k total, 2889596k used, 5279192k free, 47792k... (3 Replies)
Discussion started by: black-code
3 Replies

6. UNIX for Advanced & Expert Users

Load average in UNIX

Hi , I am using 48 CPU sunOS server at my work. The application has facility to check the current load average before starting a new process to control the load. Right now it is configured as 48. So it does mean that each CPU can take maximum one proces and no processe is waiting. ... (2 Replies)
Discussion started by: kumaran_5555
2 Replies

7. Solaris

Load Average and Lwps

NPROC USERNAME SWAP RSS MEMORY TIME CPU 320 oracle 23G 22G 69% 582:55:11 85% 47 root 148M 101M 0.3% 99:29:40 0.3% 53 rafmsdb 38M 60M 0.2% 0:46:17 0.1% 1 smmsp 1296K 5440K 0.0% 0:00:08 0.0% 7 daemon ... (2 Replies)
Discussion started by: snjksh
2 Replies

8. UNIX for Dummies Questions & Answers

Load average spikes once an hour

Hi, I am getting a high load average, around 7, once an hour. It last for about 4 minutes and makes things fairly unusable for this time. How do I find out what is using this. Looking at top the only thing running at the time is md5sum. I have looked at the crontab and there is nothing... (10 Replies)
Discussion started by: sm9ai
10 Replies

9. UNIX for Dummies Questions & Answers

Help with load average?

how load average is calculated and what exactly is it difference between cpu% and load average (9 Replies)
Discussion started by: robo
9 Replies

10. Programming

ESP32 (ESP-WROOM-32) as an MQTT Client Subscribed to Linux Server Load Average Messages

Here we go.... Preface: ..... so in a galaxy far, far, far away from commercial, data sharing corporations..... For this project, I used the ESP-WROOM-32 as an MQTT (publish / subscribe) client which receives Linux server "load averages" as messages published as MQTT pub/sub messages.... (6 Replies)
Discussion started by: Neo
6 Replies
NWFSCTRL(1)							     nwfsctrl							       NWFSCTRL(1)

NAME
nwfsctrl - Perform server command SYNOPSIS
nwfsctrl [ -h ] [ -S server ] [ -U user name ] [ -P password | -n ] [ -C ] [ -p ncpfs path ] -c | -o | -[f]d nwfsctrl [ -h ] [ -S server ] [ -U user name ] [ -P password | -n ] [ -C ] [ -p ncpfs path ] server command DESCRIPTION
nwfsctrl performs command on server. OPTIONS
-h With -h nwfsctrl prints a little help text. -S server is the name of the server you want to use. -U user user is the user name to use for login. To set the server's time, you need supervisor privileges. -P password password is the password to use for login. If neither -n nor -P are given, and the user has no open connection to the server, nwfstime prompts for a password. -n -n should be given if no password is required for the login. As you need supervisor privileges for setting the date and time, this option is probably not used very often. -C By default, passwords are converted to uppercase before they are sent to the server, because most servers require this. You can turn off this conversion by -C. -o Open bindery. -c Close bindery. -d Down fileserver. This command will complain if there are open files on server. -fd Down fileserver, regardless of opened files. load module options... Load module module with options options... on server. Program will complain if module is already loaded. unload module Unload module module from server. Program will complain if module is not loaded. mount volume Mount volume volume. dismount volume Dismount volume volume. If there are open files on volume, server displays prompt on console. You must go to the server (or telnet/xcon- sole) and hit Y or N to get beyond this point). set variable = value Set server settable variable variable to value value. open bindery Open bindery. close bindery Close bindery. enable login Enable login to file server. disable login Disable login to file server. disable tts Disable TTS. This probably does not work on Netware 4.11. enable tts Enable TTS. This probably does not work on Netware 4.11. BUGS
Other commands are not written yet (volume, clear connection ...) CREDITS
This utility was created by Petr Vandrovec (vandrove@vc.cvut.cz) and is part of ncpfs since 2.2.0.11. nwfsctrl 2/12/1999 NWFSCTRL(1)
All times are GMT -4. The time now is 07:52 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy