Netstat Results Show 3 Ips In Same Location With Several Connections

Mar 13, 2008

I'm new to server administration/secu
This started because a Linux
I ran a netstat and several 86.104.230.29:59009
86.104.117.45:18065
89.37.137.157:41593

As far as I can tell they are
I have posted a lot of information
netstat:

Code:
tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http tcp 0 0 mydomain.com:http rity/troubleshooting, so I have included a lot of info here hoping it will help.
VPS with CentOS and Exim crashed after only 3000 emails were sent (of 30000) total
times I get three separate ips with the only difference being the last two digits and the port number:
from Romania, and there are several connections.
below, if someone can take a look and give some ideas, it would be very much appreciated.
86.104.117.98:34060 SYN_RECV
89.39.71.82:59022 SYN_RECV
89.39.71.219:52276 SYN_RECV
89.37.137.163:25383 SYN_RECV
89.37.137.154:20794 SYN_RECV
86.104.230.235:39094 SYN_RECV
89.37.137.127:61711 SYN_RECV
86.104.230.127:5748 SYN_RECV
89.39.71.37:63424 SYN_RECV
89.39.71.228:54121 SYN_RECV
86.104.230.226:39605 SYN_RECV
86.104.230.91:6446 SYN_RECV
89.37.137.10:54841 SYN_RECV
86.104.230.100:22842 SYN_RECV
86.104.230.118:32674 SYN_RECV
86.104.117.80:16559 SYN_RECV
89.37.137.64:47817 SYN_RECV
86.104.230.136:21718 SYN_RECV
89.39.71.246:37288 SYN_RECV
89.39.71.28:62119 SYN_RECV
86.104.117.190:4468 SYN_RECV
86.104.117.8:25247 SYN_RECV
89.39.71.100:35503 SYN_RECV
86.104.230.199:20896 SYN_RECV
89.39.71.237:saft SYN_RECV
89.37.137.199:47952 SYN_RECV
89.37.137.118:60561 SYN_RECV
86.104.117.181:10844 SYN_RECV
86.104.117.125:50584 SYN_RECV
86.104.117.253:17855 SYN_RECV
89.39.71.10:25740 SYN_RECV
86.104.117.109:29528 SYN_RECV
86.104.117.62:47349 SYN_RECV
89.37.137.55:4614 SYN_RECV
89.37.137.226:22001 SYN_RECV
86.104.117.163:11790 SYN_RECV
86.104.230.44:8911 SYN_RECV
89.39.71.46:telnets SYN_RECV
89.37.137.190:27377 SYN_RECV
89.39.71.181:34031 SYN_RECV
89.39.71.19:41722 SYN_RECV
89.37.137.100:57151 SYN_RECV
86.104.117.145:61402 SYN_RECV
86.104.117.53:52461 SYN_RECV
89.37.137.26:42463 SYN_RECV
89.37.137.217:35530 SYN_RECV
89.37.137.35:63414 SYN_RECV
89.39.71.154:56638 SYN_RECV
86.104.117.26:43972 SYN_RECV
86.104.117.172:6922 SYN_RECV
86.104.230.17:3683 SYN_RECV
89.39.71.210:2397 SYN_RECV
89.37.137.46:18754 SYN_RECV
86.104.230.244:4032 SYN_RECV
89.37.137.235:8602 SYN_RECV
86.104.230.82:39495 SYN_RECV
89.37.137.19:28848 SYN_RECV
86.104.230.163:47624 SYN_RECV
89.37.137.8:2683 SYN_RECV
89.39.71.55:43300 SYN_RECV
89.37.137.37:1664 SYN_RECV
86.104.117.118:36892 SYN_RECV
86.104.117.17:7317 SYN_RECV
89.37.137.109:56229 SYN_RECV
86.104.230.217:45257 SYN_RECV
89.37.137.73:15278 SYN_RECV
86.104.230.64:14076 SYN_RECV
86.104.117.116:14567 SYN_RECV

View 3 Replies

Netstat Results Show 3 Ips In Same Location With Several Connections

Should Location Of Host = Location Of Targeted Visitors?

Netstat -an Or -tln

Netstat, Csf

Netstat & APF Cron Job

Netstat :: How To List IP Addresses?

SSH Command :: Netstat -alpn?

Does IP Address Location = Server Location

-bash: Netstat: Command Not Found

Listing/banning Ipv6 Addresses From Netstat Output

Paging Results Of Ls Through FTP

Logwatch Results

VPS Vs. Dedicated - New Benchmark Results

Leary With Traceroute Results

Final Results - HostWay

Tuning-primer.sh Results, How To Act On Them

Results Of Top Command - Good/bad

Ping Results For My VPS - Acceptable

How Can I Get Rootkit Hunter To Email Me The Results

Nameserver Giving False Results

Peer 1 Web Hosting Year End Results

Evaluating Anycast Domain Name Server (DNS) - Strange Results

Plesk 12.x / Linux :: Forcing HTTPS Results Into Many Redirects

Plesk 12.x / Linux :: Search Results Could Not Be Loaded At The Moment

BEWARE -Sudden Iframe Injection Attacks, Catastrophic Results

Netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

Plesk 12.x / Linux :: Failed Upgrade Results In Inconsistent DB And Unfunctional Panel

Plesk 12.x / Linux :: Removing FTP-user Through API Results In 500 Internal Server Error (PHP)

Plesk 12.x / Linux :: 11 Backup Restore Results In Tons Of Failed With Return Code 1

Meaning Of "netstat"