Let's talk with Jim-san in operate. ★38

**動け動けウゴウゴ２ちゃんねる** · 2014/05/24(土) 15:59:47.47

>>270
Jim-san

http://moritapo.jp/info.html

＞ch2maguro# netstat
＞Active Internet connections
＞Proto Recv-Q Send-Q Local Address Foreign Address (state)
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46582 SYN_RCVD
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46576 SYN_RCVD
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46570 SYN_RCVD
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46564 SYN_RCVD
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46575 SYN_RCVD
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46567 SYN_RCVD
＞tcp4 36 0 ch2maguro.http 210.135.99.36.60588 ESTABLISHED
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46542 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46541 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46538 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46517 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46500 TIME_WAIT
＞tcp4 0 635 ch2maguro.http e23.razil.jp.35134 FIN_WAIT_1
＞tcp4 0 635 ch2maguro.http u.razil.jp.48052 FIN_WAIT_1
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46059 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46057 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46056 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 219.net119083002.54274 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.46049 TIME_WAIT
＞tcp4 0 0 ch2maguro.http ir01.razil.jp.41138 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.45999 TIME_WAIT
＞tcp4 0 0 ch2maguro.http 210.135.100.130.45994 TIME_WAIT
＞
＞If, and if it's SYN flood attack, since only SYN_RCVD status in netstat whereas such should be observed, TIME_WAIT status are also output in the same log, you can see that it is a normal TCP connection.