我从未真正管理过我的 iptables 配置,而是使用默认配置。今天我遇到了互联网连接错误,为了解决这个问题,我检查了我的 ipconfigs 表。我发现了 INPUT 的这些奇怪的 ipconfigs 规则:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp spt:domain
ACCEPT tcp -- anywhere anywhere tcp spt:domain
ACCEPT tcp -- main.macht.org anywhere tcp spt:123
ACCEPT udp -- main.macht.org anywhere udp spt:ntp
ACCEPT tcp -- static.253.144.69.159.clients.your-server.de anywhere tcp spt:123
ACCEPT udp -- static.253.144.69.159.clients.your-server.de anywhere udp spt:ntp
ACCEPT tcp -- spacys.de anywhere tcp spt:123
ACCEPT udp -- spacys.de anywhere udp spt:ntp
ACCEPT tcp -- 195.50.171.101 anywhere tcp spt:123
ACCEPT udp -- 195.50.171.101 anywhere udp spt:ntp
对于输出:
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere main.macht.org tcp dpt:123
ACCEPT udp -- anywhere main.macht.org udp dpt:ntp
ACCEPT tcp -- anywhere static.253.144.69.159.clients.your-server.de tcp dpt:123
ACCEPT udp -- anywhere static.253.144.69.159.clients.your-server.de udp dpt:ntp
ACCEPT tcp -- anywhere spacys.de tcp dpt:123
ACCEPT udp -- anywhere spacys.de udp dpt:ntp
ACCEPT tcp -- anywhere 195.50.171.101 tcp dpt:123
ACCEPT udp -- anywhere 195.50.171.101 udp dpt:ntp
我不认识spacys.de, static.253.144.69.159.clients.your-server.de, main.macht.org, 195.50.171.101
。
这是怎么回事?我的流量是否被重定向到这些地址?如果是这样,这是否意味着我已被黑客入侵,并且黑客对我的系统拥有 root 访问权限(否则他如何能够更改 ipconfigs 设置?)
感谢您的帮助