Log In

Post Ads
  • check incoming http traffic linux
    netstat -an | grep 80
    netstat -an | grep 443
    tcp      126      0 0.0.0.0:443             0.0.0.0:*               LISTEN
tcp        0      0 143.110.178.90:443      205.253.121.153:52152   SYN_RECV
tcp        0      0 143.110.178.90:443      152.57.192.63:47054     SYN_RECV
tcp        0      0 143.110.178.90:443      27.56.249.178:10808     SYN_RECV
tcp        0      0 143.110.178.90:443      157.35.43.198:1372      SYN_RECV
tcp        0      0 143.110.178.90:443      47.9.172.31:55870       SYN_RECV
tcp        0      0 143.110.178.90:443      117.98.32.131:10813     SYN_RECV
tcp        0      0 143.110.178.90:443      132.154.33.245:33624    SYN_RECV
tcp        0      0 143.110.178.90:443      47.247.212.210:41872    SYN_RECV
tcp        0      0 143.110.178.90:443      49.35.235.170:42656     SYN_RECV
tcp        0      0 143.110.178.90:443      47.9.115.249:39206      SYN_RECV
tcp        0      0 143.110.178.90:443      106.207.92.249:57362    SYN_RECV
tcp        0      0 143.110.178.90:443      117.98.32.131:14891     SYN_RECV
tcp        0      0 143.110.178.90:443      132.154.107.193:39680   SYN_RECV
tcp        0      0 143.110.178.90:443      47.9.172.31:55880       SYN_RECV
tcp        0      0 143.110.178.90:443      157.38.0.56:38362       SYN_RECV
tcp        0      0 143.110.178.90:443      139.167.233.133:54550   SYN_RECV
tcp        0      0 143.110.178.90:443      117.233.103.181:18346   SYN_RECV
tcp        0      0 143.110.178.90:443      157.38.134.214:40246    SYN_RECV
tcp        0      0 143.110.178.90:443      117.201.66.45:56176     SYN_RECV
tcp        0      0 143.110.178.90:443      157.35.76.55:53226      SYN_RECV
tcp        0      0 143.110.178.90:443      157.32.245.96:37935     SYN_RECV
tcp        0      0 143.110.178.90:443      47.9.115.249:39326      SYN_RECV
tcp        0      0 143.110.178.90:443      47.15.154.160:57678     SYN_RECV
tcp        0      0 143.110.178.90:443      152.57.192.63:47060     SYN_RECV
tcp        0      0 143.110.178.90:443      49.42.75.8:49188        SYN_RECV
tcp        0      0 143.110.178.90:443      49.15.183.34:63883      SYN_RECV
tcp        0      0 143.110.178.90:443      157.34.199.240:38078    SYN_RECV

    $ w
    $ sar -u 5
    $ ps -eo s,user | grep ^[RD] | sort | uniq -c | sort -nbr | head -20
  • check incoming traffic linux
    $ last | tac

    You can use last to get an idea where your connections are coming from:

    wtmp begins Tue Oct 13 17:20:47 2020

reboot   system boot  3.10.0-1127.el7. Tue Oct 13 17:20 - 17:43  (00:22)
reboot   system boot  3.10.0-1127.19.1 Thu Jan 28 05:46 - 04:38 (250+22:52)
root     pts/0        182.68.178.174   Thu Jan 28 05:54 - 05:56  (00:01)
root     pts/0        182.68.178.174   Thu Jan 28 05:56 - crash  (00:04)
reboot   system boot  3.10.0-1127.19.1 Thu Jan 28 06:01 - 04:38 (250+22:37)
root     pts/0        182.68.178.174   Thu Jan 28 08:35 - 09:47  (01:12)
root     pts/0        182.68.178.174   Thu Jan 28 12:20 - 12:29  (00:09)
root     pts/0        182.68.183.159   Fri Jan 29 04:51 - 06:40  (01:48)
root     pts/0        182.68.60.189    Mon Feb  1 07:05 - 08:11  (01:06)
root     pts/0        182.68.60.189    Mon Feb  1 08:12 - 10:23  (02:11)
root     pts/1        42.111.3.175     Mon Feb  1 08:35 - 08:36  (00:01)
root     pts/1        182.68.60.189    Mon Feb  1 08:38 - 09:24  (00:46)
root     pts/0        182.68.60.189    Mon Feb  1 12:06 - 12:09  (00:02)
root     pts/0        122.161.240.187  Fri Feb  5 15:39 - 15:42  (00:02)
root     pts/0        122.161.240.187  Fri Feb  5 16:40 - 16:50  (00:09)
root     pts/0        122.161.240.53   Sat Feb  6 05:14 - 05:15  (00:01)
root     pts/0        122.161.240.53   Sat Feb  6 08:55 - 08:57  (00:01)
root     pts/0        122.161.245.53   Sun Feb  7 07:10 - 07:13  (00:03)
root     pts/0        122.161.241.124  Mon Feb  8 04:23 - 04:29  (00:06)
  • Balloon Decoration at home or office
  • Bouncy on rent in Delhi NCR
  • Inauguration Lamp on rent in Delhi NCR