[LINK] DOS attacks for 24 hours
Jan Whitaker
jwhit at janwhitaker.com
Sat Jun 16 12:41:38 AEST 2012
At 12:26 PM 16/06/2012, Ivan Trundle wrote:
>On 16/06/2012, at 12:03 PM, Glen Turner wrote:
>
> > If it really bothers you or there are so
> > many packets that performance is effected then mail Internode support.
>
>...which is a joke. They are not particularly helpful at all, with
>the standard mantra of 'change your passwords if you have a problem'
>or 'we don't keep logs of any kind' nonsense.
>
>I enquired about a similar issue, and met a stone wall. There is
>more useful help out on the Internet than can be found at
>Internode/iiNet for this kind of problem.
You are so right, Ivan. I got a quick, but useless, reply:
From Node:
I have had a look at you connection and can't see any typical DoS
attack evidence the drops out were not constant enough to be
considered a DoS attack, typically the connection will only last for
a minute at a time and you service will not be usable.
I also checked you router logs and it is showing standard port
scanning which is normal for general we browsing.
------------
Note the point about 'any typical DoS attack evidence', when the
router itself is reporting that they are DOS attacks.
Granted, my modem sometimes does send aberrant alerts when I get an
incoming phone call. But in these cases, it happened over a period of
time with no phone calls whatsoever. Plus they happen over a period
of several minutes, from the same sources.
Thu, 2012-06-14 11:27:41 - UDP Packet - Source:187.120.227.49,16525
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:28:37 - UDP Packet - Source:187.158.187.115,19681
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:28:39 - UDP Packet - Source:99.59.217.144,8526
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:05 - UDP Packet - Source:94.98.153.206,10070
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:05 - UDP Packet - Source:187.120.227.49,16525
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:05 - UDP Packet - Source:99.59.217.144,8526
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:05 - UDP Packet - Source:187.120.227.49,16525
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:06 - UDP Packet - Source:99.59.217.144,8526
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:06 - UDP Packet - Source:187.120.227.49,16525
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:27 - UDP Packet - Source:99.59.217.144,8526
Destination:118.209.54.174,8500 - [DOS]
Thu, 2012-06-14 11:29:27 - UDP Packet - Source:187.120.227.49,16525
Destination:118.209.54.174,8500 - [DOS]
I'm not going to worry about it for now since it seems to have
stopped. But if any technicians at Internode are reading this, you
may want to have a chat with Regards, Andrew.
Customer Services Officer
I did change my modem password as a precaution. Thanks to linkers for replies.
Jan
Melbourne, Victoria, Australia
jwhit at janwhitaker.com
blog: http://janwhitaker.com/jansblog/
business: http://www.janwhitaker.com
Our truest response to the irrationality of the world is to paint or
sing or write, for only in such response do we find truth.
~Madeline L'Engle, writer
_ __________________ _
More information about the Link
mailing list