Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Check your server logs. See what files are being requested and by what host(s). Viruses and hackers frequently cause this type of activity. You may be able to use iptables to drop requests from a small number of IPs, to reduce the bogus hit counts. I'm not sure what, if any, well known security holes apache 1.3 may expose. That is something you should probably check up on.
I use a collection of homebrew perl scripts for logfile analysis, along with the popular Webalizer tool. This makes it fairly simple to keep tabs on what a web server has been doing, and what the web may be doing to the server.
Wow. This is gnutella traffic. It appears to me that, somehow, your IP seems to have been identified as a node/peer on the gnutella P2P network, using HTPP as it's transport protocol. Did this all happen to start up sometime after running a gnutella client? Has your IP changed recently? It does seem a bit odd that all of the requesting client 'browsers' are the same name and version number. The high number of different client IPs will make it impractical or impossible to block this traffic with iptables rules.
Gnutella functions in part by certain hosts remembering peer IP's in a cache, as a sort of seed to get the peer to peer communication working. Perhaps your IP has been added to a cache/database somewhere, and all of the shareaza clients are getting your IP as a peer node. If that is the case, it might be easiest to request a new IP from your provider.
Perhaps someone with deeper knowledge of the gnutella network can contribute some insight.