- Apr 25, 2015
- 1,845
- 2
- 2,199
- 327
Code:
for i in {1..9999}; do netstat -atu | grep ESTABLISHED & echo ===================================================== &sleep 0.5; doneThis seems to work well, if you want to check for connections then just Ctrl+C to grab an IP you are monitoring for.
Then up arrow / enter when you copy what you need.
You can also be writing the IPs to a log file and have two sessions active to keep constant monitoring going.
Real cool to see all the bots loading up port 22 or whatevs.
Example of douchery happening - trying to spray root::123456 etc.. into port 22 (SSH).
121.201.95.66 is the loser mofo.. 121.201.95.66 | Guangdong RuiJiang Science and Tech Ltd. | AbuseIPDB
Bad IP reputation, for sure a malicious bot
Got the files off the ol' server I needed.. and:
...
Also if you are tired of seeing yourself on the list, you can grep yourself out by port or your own IP:
Code:
for i in {1..9999}; do netstat -atu | grep ESTABLISHED | grep -v "23783" & echo ===================================================== &sleep 0.5; doneI grepped myself out by connected port (23783)
Last edited: