Login or Register to Ask a Question and Join Our Community


Cybersecurity

Found attack from

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Found attack from
# 1  
Old 01-29-2010
Found attack from
Hi,

I have a belkin router installed and a look at the security log has got me worried a little bit.
Code:
Security log: 
Fri Jan 29 20:41:46 2010 
=>Found attack from 68.147.232.199. 
Source port is 58591 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:41:46 2010 
=>Found attack from 141.149.134.99. 
Source port is 19294 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:41:46 2010 
=>Found attack from 88.84.200.169. 
Source port is 3897 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:41:46 2010 
=>Found attack from 93.103.152.174. 
Source port is 63144 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:41:46 2010 
=>Found attack from 83.83.50.92. 
Source port is 2119 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:41:46 2010 
=>Found attack from 124.64.101.26. 
Source port is 3361 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:41:46 2010 
=>Found attack from 92.96.236.128. 
Source port is 2414 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:41:46 2010 
=>Found attack from 190.161.190.88. 
Source port is 52786 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:42:16 2010 
=>Found attack from 194.144.72.72. 
Source port is 26449 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:42:16 2010 
=>Found attack from 124.64.101.26. 
Source port is 3361 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:42:16 2010 
=>Found attack from 122.178.153.24. 
Source port is 57980 and destination port is 12426 which use the TCP protocol. 
Fri Jan 29 20:42:16 2010 
=>Found attack from 86.87.13.195. 
Source port is 4971 and destination port

Many attacks in such a sort time period is this harmfull for me?
I also did a whois on some ip's but i think they are spoofed because they are al over the place like canada, US, Russian, India and so on....

Maybe I will boot my backtrack, but my provider will complain.Smilie
Last edited by Scott; 01-29-2010 at 04:28 PM.. Reason: Code tags, PLEASE!
# 2  
Old 01-29-2010
spoofed -- or bots. If you're behind NAT you should be relatively safe. Nothing can contact your computer unless you contacted it first or have forwarded ports to yourself.
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Emergency UNIX and Linux Support

DDOS attack please help!

Dear community, my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql. I identified the IPs who attack me and block it through iptable firewall from debian. Something like: iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies

2. Cybersecurity

UUCP attack?

Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning: What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies

3. Cybersecurity

Network attack - so what?

In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies

4. Cybersecurity

What I think is a DoS attack

About 3 days ago our Apache logs started filling with the following errors: mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows) OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies

5. IP Networking

Bizzare network attack?

A server I host is having very rare glitches where a file the user downloads will have incorrect contents. This almost never happens when I am looking, I caught it once and only once -- a user messaged me saying his antivirus had given him a warning about an image file downloaded from his... (2 Replies)
Discussion started by: Corona688
2 Replies

6. Cybersecurity

Replay Attack

REPLAY ATTACK. Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies

7. UNIX for Dummies Questions & Answers

Bruteforce attack on my pc

since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise: this is just one of a many and I beleived it's a bruteforce attack how do i block this IP 200.41.81.228 from trying to knock my online pc? my system: FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies

8. Shell Programming and Scripting

how can i check in csh if command found or not found ?

hello all im trying to use in sun Solaris the information received from the top command now i several machines that dont have install the top program so when im running the script im geting error saying after im running this code : set MemoryInfo = `top | grep Memory` if (... (2 Replies)
Discussion started by: umen
2 Replies
Login or Register to Ask a Question