码迷,mamicode.com
首页 > 其他好文 > 详细

由于网络攻击导致路由器CPU 99% 网络时断时通

时间:2016-12-10 23:10:44      阅读:1234      评论:0      收藏:0      [点我收藏+]

标签:由于网络攻击导致路由器cpu 99% 网络时断时通

CPU Usage Stat. Cycle: 60 (Second)

CPU Usage            : 99% Max: 99%

CPU Usage Stat. Time : 2016-12-10  19:37:01 



Dec 10 2016 19:34:38 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/PORT_ATTACK(l)[0]:Port attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, AttackProtocol=TCP, AttackPackets=416 packets per second)


Dec 10 2016 19:34:38 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/USER_ATTACK(l)[1]:User attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, UserMacAddress=0010-f348-7037, AttackProtocol=TCP, AttackPackets=416 packets per second)


Dec 10 2016 19:34:05 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/SPECIFY_SIP_ATTACK(l)[2]:The specified source IP address attack occurred.(Slot=MPU, SourceAttackIP = 163.177.72.158, AttackProtocol=TCP, AttackPackets=144 packets per second)


Dec 10 2016 19:33:49 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/PORT_ATTACK(l)[3]:Port attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, AttackProtocol=ICMP, AttackPackets=224 packets per second)


Dec 10 2016 19:33:49 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/USER_ATTACK(l)[4]:User attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, UserMacAddress=0010-f348-7037, AttackProtocol=ICMP, AttackPackets=224 packets per second)


Dec 10 2016 19:29:38 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/PORT_ATTACK(l)[5]:Port attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, AttackProtocol=TCP, AttackPackets=320 packets per second)


Dec 10 2016 19:29:38 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/USER_ATTACK(l)[6]:User attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, UserMacAddress=0010-f348-7037, AttackProtocol=TCP, AttackPackets=320 packets per second)


Dec 10 2016 19:28:47 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/PORT_ATTACK(l)[7]:Port attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, AttackProtocol=ICMP, AttackPackets=144 packets per second)


Dec 10 2016 19:28:47 BEJ-ANF-AGG-9312-17.64 %%01SECE/4/USER_ATTACK(l)[8]:User attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet3/0/1, OuterVlan/InnerVlan=1904/0, UserMacAddress=0010-f348-7037, AttackProtocol=ICMP, AttackPackets=144 packets per second)


从log信息中可以看出大量的攻击数据包(tcp icmp)是从 XG 3/0/1 的vlan 1904进入,这个vlan是我到联通的互联,我的默认路由是通过vlan 1904到联通。

原因是我设备配置一个loopback接口,上面配置了一个联通给的IP ,攻击的目标始即为这个IP地址,将地址取消后 cpu降到正常范围。


CPU Usage Stat. Cycle: 60 (Second)

CPU Usage            : 39% Max: 99%

CPU Usage Stat. Time : 2016-12-10  19:39:06 


本文出自 “lihongweibj” 博客,请务必保留此出处http://lihongweibj.blog.51cto.com/6235038/1881541

由于网络攻击导致路由器CPU 99% 网络时断时通

标签:由于网络攻击导致路由器cpu 99% 网络时断时通

原文地址:http://lihongweibj.blog.51cto.com/6235038/1881541

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!