1. 26.
    0
    # tcpdump -r ddos.pcap -n 'tcp[tcpflags] & tcp-syn == tcp-syn'
    22:04:22.809998 IP 91.3.119.80.59204 > 11.22.33.44.53: Flags [S], seq 2861145144, win 65535, options [mss 1460,sackOK,eol], length 0
    22:04:22.863997 IP 91.3.119.80.59135 > 82.8.86.175.25: Flags [S], seq 539301671, win 65535, options [mss 1460,sackOK,eol], length 0
    22:04:22.864007 IP 91.3.119.80.59205 > 11.22.33.44.53: Flags [S], seq 4202405882, win 65535, options [mss 1460,sackOK,eol], length 0
    22:04:23.033997 IP 91.3.119.80.64170 > 11.22.33.44.53: Flags [S], seq 1040357906, win 65535, options [mss 1460,sackOK,eol], length 0
    22:04:23.146001 IP 91.3.119.80.59170 > 11.22.33.44.53: Flags [S], seq 3560482792, win 65535, options [mss 1460,sackOK,eol], length 0
    22:04:23.164997 IP 91.3.119.80.59171 > 20.17.222.88.25: Flags [S], seq 1663706635, win 65535, options [mss 1460,sackOK,eol], length 0
    22:04:23.384994 IP 91.3.119.80.59136 > 11.22.33.44.53: Flags [S], seq 192522881, win 65535, options [mss 1460,sackOK,eol], length 0
    22:04:23.432994 IP 91.3.119.80.59137 > 11.22.33.44.53: Flags [S], seq 914731000, win 65535, options [mss 1460,sackOK,eol], length
    (Note: this filter only tests that the SYN bit is set, so SYN-ACK replies match as well; 'tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn' limits the output to initial SYNs.)

    3. tcpdump -n -r ddos.pcap |awk -F" " '{print $3}'|cut -f1,2,3,4 -d"."|sort -n|uniq -c
    1 6.65.194.168
    1 6.65.208.248
    1 6.65.226.233
    1 6.65.232.125
    1 6.65.235.140
    1 6.65.248.199
    1 6.65.249.104
    1 6.65.32.97
    1 6.65.44.199
    1 6.65.48.49
    1 6.65.62.221
    1 6.65.62.30
    1 37.83.136.81
    1 37.83.14.12
    1 37.83.152.203
    1 37.83.164.223
    1 37.83.165.146
    1 37.83.166.132
    1 37.83.185.89
    1 37.83.194.21
    1 62.185.46.86
    1 62.185.60.100
    1 62.185.64.248
    1 62.185.66.32
    1 62.185.75.23
    1 62.185.9.193
    1 62.185.92.77
    1 62.185.96.16

    4. tcpdump -r TEST.pcap -n |cut -f3 -d" "|cut -f1-4 -d"."|sort -n|uniq -c|awk -F" " '{print $2 "\t" $1 }'|sort -rn -k 2|head -10
    reading from file TEST.pcap, link-type EN10MB (Ethernet)
    11.22.228.246 482196
    11.22.243.10 62095
    11.22.228.73 27515
    11.22.241.138 24972
    93.18.207.182 24761
    11.22.28.78 13205
    195.142.247.7 5041
    18.89.192.37 4870
    78.16.195.145 4268
    78.86.3.178 4157


    ıpler bulunabiliyo panpa zaten istanbulda siber suçlarla mücadele timleri var giberler bizi hepimizi giberler sözlügüde kapatırlar birileri dava açarsa