DOS Attack

Started by ST Driver, May 03, 2010, 16:34:42

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

ST Driver

May 03, 2010, 16:34:42 Last Edit: May 03, 2010, 16:45:38 by Steve
Hi

Just found this in my router log

Sat, 2000-01-01 01:02:22 - Initialize LCP.
Sat, 2000-01-01 01:02:22 - LCP is allowed to come up.
Sat, 2000-01-01 01:02:25 - CHAP authentication success
Sat, 2000-01-01 01:02:29 - Send out NTP request to time-g.netgear.com
Mon, 2010-04-26 11:59:18 - Receive NTP Reply from time-g.netgear.com
Mon, 2010-04-26 12:03:32 - Administrator login successful - IP:192.168.0.2
Mon, 2010-04-26 11:56:47 - Router start up
Tue, 2010-04-27 20:58:37 - Administrator login successful - IP:192.168.0.2
Wed, 2010-04-28 18:41:32 - Administrator login successful - IP:192.168.0.2
Thu, 2010-04-29 09:59:18 - Send out NTP request to time-g.netgear.com
Thu, 2010-04-29 09:59:16 - Receive NTP Reply from time-g.netgear.com
Sat, 2010-05-01 12:26:31 - Administrator login successful - IP:192.168.0.2
Sun, 2010-05-02 07:59:16 - Send out NTP request to time-g.netgear.com
Sun, 2010-05-02 08:00:36 - Send out NTP request to time-h.netgear.com
Sun, 2010-05-02 08:00:34 - Receive NTP Reply from time-h.netgear.com
Sun, 2010-05-02 11:41:00 - Administrator login successful - IP:192.168.0.2
Mon, 2010-05-03 11:00:57 - UDP Packet - Source:212.69.36.3,53 Destination:- [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.40.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.40.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.40.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.40.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.36.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.40.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.36.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.40.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.36.3,53 Destination: - [DOS]
Mon, 2010-05-03 11:01:57 - UDP Packet - Source:212.69.40.3,53 Destination: - [DOS]
Mon, 2010-05-03 16:15:49 - Administrator login successful - IP:192.168.0.2
Mon, 2010-05-03 16:22:19 - Administrator login successful - IP:192.168.0.2


Strange to get this from Idnets DNS servers don't you think.
Now is this for real or just my router playing up.

Steve
Steve
Grandad Racer

Steve

#1
May 03, 2010, 16:51:48
A google suggests DOS attacks can use the DNS server addresses as reflectors whatever that means,presumably to obscure their origin.
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

ST Driver

#2
May 03, 2010, 17:00:27
Thanks Steve

I have seen DOS atacks before but never using an isp's DNS servers

Steve
Steve
Grandad Racer

Rik

#3
May 03, 2010, 17:01:26
I think it's as Steve says, Steve, but if you're concerned, email that log to support.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

ST Driver

#4
May 03, 2010, 17:10:16
Hi Rik

I will just leave it for now and see if it happens again.
I think that both of you are right after googleing it and having a quick reed.
Thanks again.

Steve
Steve
Grandad Racer

Rik

#5
May 03, 2010, 17:13:10
Our pleasure. :)
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.
Print
Go Up Pages1
User actions