WIFI, no ip, Smurf attack??

October 10, 2007 at 03:34:08
Specs: WINXP, 2.5ghz 1GB
Hi,
I have two laptops that connect to my Belkin router via wireless.
One of laptop can no longer pick up an ip address and in order to connect to the network, I have to use a ethernet cable.
I am entering the WPA key correctly.

I have looked at the router logs and have spotted this, could this be related?
(IP address 192.168.2.3 is the address of the laptop that can see the network).

10/09/2007 14:39:50 sending ACK to 192.168.2.3
10/09/2007 14:39:50 sending OFFER to 192.168.2.3
10/09/2007 14:39:03 sending ACK to 192.168.2.3
10/09/2007 14:38:52 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:46 sending ACK to 192.168.2.3
10/09/2007 14:38:45 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:43 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:42 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:40 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:39 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:38 sending ACK to 192.168.2.3
10/09/2007 14:38:37 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:35 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:34 sending ACK to 192.168.2.3
10/09/2007 14:38:34 sending OFFER to 192.168.2.3
10/09/2007 14:38:33 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:32 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:30 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:29 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:27 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:26 sending OFFER to 192.168.2.3
10/09/2007 14:38:26 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:24 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:23 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:22 sending OFFER to 192.168.2.3
10/09/2007 14:38:21 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:20 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:38:01 sending ACK to 192.168.2.3
10/09/2007 14:37:53 sending ACK to 192.168.2.3
10/09/2007 14:37:50 sending ACK to 192.168.2.3
10/09/2007 14:35:55 sending ACK to 192.168.2.3
10/09/2007 14:35:50 sending ACK to 192.168.2.3
10/09/2007 14:35:50 sending ACK to 192.168.2.3
10/09/2007 14:32:50 sending ACK to 192.168.2.3
10/09/2007 14:32:50 sending ACK to 192.168.2.3
10/09/2007 14:30:48 sending ACK to 192.168.2.3
10/09/2007 14:26:48 sending ACK to 192.168.2.3
10/09/2007 14:24:47 sending ACK to 192.168.2.3
10/09/2007 14:22:46 sending ACK to 192.168.2.3
10/09/2007 14:20:52 sending ACK to 192.168.2.3
10/09/2007 14:20:49 sending ACK to 192.168.2.3
10/09/2007 14:20:48 sending ACK to 192.168.2.3
10/09/2007 14:18:45 sending ACK to 192.168.2.3
10/09/2007 14:18:45 sending ACK to 192.168.2.3
10/09/2007 14:16:43 sending ACK to 192.168.2.3
10/09/2007 14:12:43 sending ACK to 192.168.2.3
10/09/2007 14:10:42 sending ACK to 192.168.2.3
10/09/2007 14:08:42 sending ACK to 192.168.2.3
10/09/2007 14:06:41 sending ACK to 192.168.2.3
10/09/2007 14:04:40 sending ACK to 192.168.2.3
10/09/2007 14:03:38 sending ACK to 192.168.2.3
10/09/2007 14:03:38 sending OFFER to 192.168.2.3
10/09/2007 14:03:35 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:34 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:32 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:31 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:29 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:27 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:25 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:24 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:22 sending OFFER to 192.168.2.3
10/09/2007 14:03:22 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:21 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:19 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:18 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:16 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:15 sending OFFER to 192.168.2.3
10/09/2007 14:03:15 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:13 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:12 sending OFFER to 192.168.2.3
10/09/2007 14:03:12 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:03:10 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 14:02:50 sending ACK to 192.168.2.3
10/09/2007 14:02:43 sending ACK to 192.168.2.3
10/09/2007 14:02:40 sending ACK to 192.168.2.3
10/09/2007 14:00:43 sending ACK to 192.168.2.3
10/09/2007 14:00:39 sending ACK to 192.168.2.3
10/09/2007 13:59:30 sending ACK to 192.168.2.3
10/09/2007 13:57:29 sending ACK to 192.168.2.3
10/09/2007 13:55:32 sending ACK to 192.168.2.3
10/09/2007 13:55:27 sending ACK to 192.168.2.3
10/09/2007 13:53:29 sending ACK to 192.168.2.3
10/09/2007 13:51:24 sending ACK to 192.168.2.3
10/09/2007 13:49:23 sending ACK to 192.168.2.3
10/09/2007 13:47:19 sending ACK to 192.168.2.3
10/09/2007 13:45:17 sending ACK to 192.168.2.3
10/09/2007 13:43:11 sending ACK to 192.168.2.3
10/09/2007 13:41:10 sending ACK to 192.168.2.3
10/09/2007 13:41:10 sending ACK to 192.168.2.3
10/09/2007 13:39:09 sending ACK to 192.168.2.3
10/09/2007 13:37:43 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:37:43 sending ACK to 192.168.2.3
10/09/2007 13:37:43 sending OFFER to 192.168.2.3
10/09/2007 13:37:42 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:37:40 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:37:21 sending ACK to 192.168.2.3
10/09/2007 13:37:14 sending ACK to 192.168.2.3
10/09/2007 13:37:10 sending ACK to 192.168.2.3
10/09/2007 13:35:07 sending ACK to 192.168.2.3
10/09/2007 13:33:06 sending ACK to 192.168.2.3
10/09/2007 13:31:10 sending ACK to 192.168.2.3
10/09/2007 13:31:07 sending ACK to 192.168.2.3
10/09/2007 13:29:16 sending ACK to 192.168.2.3
10/09/2007 13:29:08 sending ACK to 192.168.2.3
10/09/2007 13:29:05 sending ACK to 192.168.2.3
10/09/2007 13:27:04 sending ACK to 192.168.2.3
10/09/2007 13:27:01 sending ACK to 192.168.2.3
10/09/2007 13:25:06 sending ACK to 192.168.2.3
10/09/2007 13:25:02 sending ACK to 192.168.2.3
10/09/2007 13:23:05 sending ACK to 192.168.2.3
10/09/2007 13:23:02 sending ACK to 192.168.2.3
10/09/2007 13:21:08 sending ACK to 192.168.2.3
10/09/2007 13:21:04 sending ACK to 192.168.2.3
10/09/2007 13:19:04 sending ACK to 192.168.2.3
10/09/2007 13:19:00 sending ACK to 192.168.2.3
10/09/2007 13:17:03 sending ACK to 192.168.2.3
10/09/2007 13:15:13 sending ACK to 192.168.2.3
10/09/2007 13:15:06 sending ACK to 192.168.2.3
10/09/2007 13:13:08 sending ACK to 192.168.2.3
10/09/2007 13:13:04 sending ACK to 192.168.2.3
10/09/2007 13:13:03 sending ACK to 192.168.2.3
10/09/2007 13:13:00 sending ACK to 192.168.2.3
10/09/2007 13:11:09 sending ACK to 192.168.2.3
10/09/2007 13:11:01 sending ACK to 192.168.2.3
10/09/2007 13:10:57 sending ACK to 192.168.2.3
10/09/2007 13:09:00 sending ACK to 192.168.2.3
10/09/2007 13:08:56 sending ACK to 192.168.2.3
10/09/2007 13:06:58 sending ACK to 192.168.2.3
10/09/2007 13:06:58 sending OFFER to 192.168.2.3
10/09/2007 13:06:08 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:06:07 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:06:05 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:06:04 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:06:02 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:06:01 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:05:59 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:05:58 **Smurf** 169.254.255.255->> 169.254.36.167, Type:3, Code:3 (from WAN Outbound)
10/09/2007 13:05:58 sending OFFER to 192.168.2.3

Thanks


See More: WIFI, no ip, Smurf attack??

Report •


#1
October 10, 2007 at 05:03:20
yep smurf attack.
i had one recently.
do a factory reset of the router after disconnecting all cables.
rebuild the wireless network also.
it took me 3 hours to correct my network of 8 computers


Report •

#2
October 10, 2007 at 05:51:45
Cheers mountain. I will do that
Thank

Report •

#3
November 24, 2007 at 18:29:06
Hi all

I have exactly the same on my Belkin router even same IP's is that right???
My wireless activity light flashes even when my pc & laptop are off! Do i take it my connection is being piggybacked? I've enabled MAC filtering for my two machines onlyor is this my ports being scanned? Should I invest in a hard firewall?

11/24/2007 23:57:01 192.168.2.2 login success
11/24/2007 23:56:54 User from 192.168.2.2 timed out
11/24/2007 23:55:42 sending ACK to 192.168.2.2
11/24/2007 23:11:42 **LAND** 86.140.43.139, 3468->> 86.140.43.139, 17657 (from ATM1 Inbound)
11/24/2007 23:11:36 **LAND** 86.140.43.139, 3468->> 86.140.43.139, 17657 (from ATM1 Inbound)
11/24/2007 23:11:33 **LAND** 86.140.43.139, 3468->> 86.140.43.139, 17657 (from ATM1 Inbound)
11/24/2007 23:09:54 **LAND** 86.140.43.139, 3244->> 86.140.43.139, 17657 (from ATM1 Inbound)
11/24/2007 23:09:48 **LAND** 86.140.43.139, 3244->> 86.140.43.139, 17657 (from ATM1 Inbound)
11/24/2007 23:09:45 **LAND** 86.140.43.139, 3244->> 86.140.43.139, 17657 (from ATM1 Inbound)
11/24/2007 22:41:23 sending ACK to 192.168.2.2
11/24/2007 21:00:11 NTP Date/Time updated.
11/24/2007 19:34:54 sending ACK to 192.168.2.2
11/24/2007 18:15:08 sending ACK to 192.168.2.2
11/24/2007 14:56:49 NTP Date/Time updated.
11/24/2007 14:44:59 sending ACK to 192.168.2.2
11/24/2007 13:34:50 sending ACK to 192.168.2.3
11/24/2007 13:07:57 sending ACK to 192.168.2.2
11/24/2007 12:36:17 sending ACK to 192.168.2.2
11/24/2007 12:01:00 sending ACK to 192.168.2.3
11/24/2007 11:30:59 sending ACK to 192.168.2.3
11/24/2007 10:42:45 sending ACK to 192.168.2.3
11/24/2007 10:21:48 sending ACK to 192.168.2.2
11/24/2007 08:53:28 NTP Date/Time updated.
11/24/2007 02:50:08 NTP Date/Time updated.
11/23/2007 20:46:47 NTP Date/Time updated.
11/23/2007 19:13:27 sending ACK to 192.168.2.2
11/23/2007 16:39:29 sending ACK to 192.168.2.3
11/23/2007 14:43:26 NTP Date/Time updated.
11/23/2007 09:58:24 sending ACK to 192.168.2.3
11/23/2007 08:40:05 NTP Date/Time updated.
11/23/2007 07:07:42 sending ACK to 192.168.2.2
11/23/2007 02:36:44 NTP Date/Time updated.
11/22/2007 21:52:08 sending ACK to 192.168.2.2
11/22/2007 21:52:08 sending OFFER to 192.168.2.2
11/22/2007 20:33:23 NTP Date/Time updated.
11/22/2007 19:51:28 sending ACK to 192.168.2.2
11/22/2007 17:42:00 sending ACK to 192.168.2.2
11/22/2007 14:30:02 NTP Date/Time updated.
11/22/2007 11:48:43 sending ACK to 192.168.2.3
11/22/2007 09:47:45 sending ACK to 192.168.2.2
11/22/2007 08:26:40 NTP Date/Time updated.
11/22/2007 02:23:20 NTP Date/Time updated.
11/21/2007 22:24:09 sending ACK to 192.168.2.2
11/21/2007 20:19:59 NTP Date/Time updated.
11/21/2007 18:42:04 sending ACK to 192.168.2.2
11/21/2007 18:41:22 sending ACK to 192.168.2.3
11/21/2007 18:15:11 sending ACK to 192.168.2.2
11/21/2007 14:16:38 NTP Date/Time updated.
11/21/2007 14:03:16 sending ACK to 192.168.2.2
11/21/2007 14:03:16 sending OFFER to 192.168.2.2
11/21/2007 11:29:16 sending ACK to 192.168.2.3
11/21/2007 10:21:52 sending ACK to 192.168.2.2
11/21/2007 08:13:18 NTP Date/Time updated.
11/21/2007 02:09:57 NTP Date/Time updated.
11/20/2007 21:44:26 sending ACK to 192.168.2.2
11/20/2007 20:22:22 sending ACK to 192.168.2.3
11/20/2007 20:06:36 NTP Date/Time updated.
11/20/2007 19:19:16 sending ACK to 192.168.2.2
11/20/2007 15:56:16 sending ACK to 192.168.2.3
11/20/2007 15:15:39 sending ACK to 192.168.2.2
11/20/2007 15:15:39 sending ACK to 192.168.2.2
11/20/2007 15:03:48 NTP Date/Time updated.
11/20/2007 14:52:55 If(ATM1) PPP connection ok !
11/20/2007 14:52:54 ATM1 get IP:86.140.43.139
11/20/2007 14:52:53 ATM1 start PPP
11/20/2007 14:52:53 Dial On Demand(ATM1)
11/20/2007 14:52:50 192.168.2.2 login success
11/20/2007 14:44:02 sending ACK to 192.168.2.2
11/20/2007 07:45:02 sending ACK to 192.168.2.2
11/20/2007 00:26:54 ADSL Media Up !
11/20/2007 00:17:31 ATM1 stop PPP
11/19/2007 21:03:17 sending ACK to 192.168.2.2
11/19/2007 21:03:13 sending ACK to 192.168.2.2
11/19/2007 20:16:29 sending ACK to 192.168.2.2
11/19/2007 20:16:26 sending ACK to 192.168.2.2
11/19/2007 19:53:13 NTP Date/Time updated.
11/19/2007 17:45:39 sending ACK to 192.168.2.2
11/19/2007 14:17:11 sending ACK to 192.168.2.2
11/19/2007 13:49:53 NTP Date/Time updated.
11/19/2007 11:44:50 sending ACK to 192.168.2.3
11/19/2007 08:10:55 sending ACK to 192.168.2.2
11/19/2007 07:46:32 NTP Date/Time updated.
11/19/2007 01:43:12 NTP Date/Time updated.
11/18/2007 23:00:28 sending ACK to 192.168.2.2
11/18/2007 20:13:32 sending ACK to 192.168.2.2
11/18/2007 20:13:29 sending ACK to 192.168.2.2
11/18/2007 19:39:51 NTP Date/Time updated.
11/18/2007 18:43:48 sending ACK to 192.168.2.3
11/18/2007 13:36:30 NTP Date/Time updated.
11/18/2007 07:33:10 NTP Date/Time updated.
11/18/2007 01:29:49 NTP Date/Time updated.
11/17/2007 19:26:29 NTP Date/Time updated.
11/17/2007 13:23:08 NTP Date/Time updated.
11/17/2007 07:19:48 NTP Date/Time updated.
11/17/2007 01:16:27 NTP Date/Time updated.
11/17/2007 00:34:20 sending ACK to 192.168.2.2
11/17/2007 00:34:14 sending ACK to 192.168.2.2
11/17/2007 00:33:31 sending ACK to 192.168.2.2
11/16/2007 21:22:16 sending ACK to 192.168.2.2
11/16/2007 19:13:05 NTP Date/Time updated.
11/16/2007 18:39:08 sending ACK to 192.168.2.2
11/16/2007 15:54:15 **Vecna Scan** 87.248.210.132, 80->> 86.140.117.206, 1580 (from ATM1 Inbound)
11/16/2007 13:33:07 sending ACK to 192.168.2.2
11/16/2007 13:33:04 sending ACK to 192.168.2.2
11/16/2007 13:09:44 NTP Date/Time updated.
11/16/2007 12:08:35 sending ACK to 192.168.2.2
11/16/2007 07:06:24 NTP Date/Time updated.
11/16/2007 02:01:07 sending ACK to 192.168.2.2
11/16/2007 01:03:02 NTP Date/Time updated.
11/16/2007 00:21:29 sending ACK to 192.168.2.2
11/15/2007 18:59:41 NTP Date/Time updated.
11/15/2007 17:21:06 sending ACK to 192.168.2.2
11/15/2007 16:44:52 sending ACK to 192.168.2.3
11/15/2007 12:56:19 NTP Date/Time updated.
11/15/2007 11:56:35 sending ACK to 192.168.2.2
11/15/2007 06:52:58 NTP Date/Time updated.
11/15/2007 00:49:38 NTP Date/Time updated.
11/14/2007 21:51:14 sending ACK to 192.168.2.2
11/14/2007 21:51:09 sending ACK to 192.168.2.2
11/14/2007 20:27:35 sending ACK to 192.168.2.2
11/14/2007 19:47:27 ADSL Media Up !
11/14/2007 18:46:16 NTP Date/Time updated.
11/14/2007 18:27:41 192.168.2.3 login success
11/14/2007 18:26:47 sending ACK to 192.168.2.3
11/14/2007 18:25:46 sending ACK to 192.168.2.3
11/14/2007 18:25:46 sending OFFER to 192.168.2.3
11/14/2007 18:25:39 **Smurf** 169.254.255.255->> 169.254.88.49, Type:3, Code:3 (from ATM1 Outbound)
11/14/2007 18:25:27 **Smurf** 169.254.255.255->> 169.254.88.49, Type:3, Code:3 (from ATM1 Outbound)
11/14/2007 18:25:25 **Smurf** 169.254.255.255->> 169.254.88.49, Type:3, Code:3 (from ATM1 Outbound)
11/14/2007 18:25:14 192.168.2.2 logout
11/14/2007 18:23:56 192.168.2.2 login success
11/14/2007 18:22:28 sending ACK to 192.168.2.2
11/14/2007 17:08:19 ADSL Media Up !
11/14/2007 16:58:53 sending ACK to 192.168.2.2
11/14/2007 12:42:54 NTP Date/Time updated.
11/14/2007 11:29:12 **SYN Flood to Host** 81.156.164.110, 60794->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 11:29:06 **SYN Flood to Host** 86.148.26.32, 58807->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 11:29:06 **SYN Flood to Host** 81.156.164.110, 62616->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 11:29:03 **SYN Flood to Host** 81.156.164.110, 51680->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 11:11:21 **UDP Flood to Host** 84.216.52.26, 17723->> 192.168.2.2, 17657 (from ATM1 Inbound)
11/14/2007 11:11:21 **UDP Flood to Host** 82.135.208.236, 31742->> 192.168.2.2, 17657 (from ATM1 Inbound)
11/14/2007 11:11:21 **UDP Flood to Host** 217.121.116.178, 64268->> 192.168.2.2, 17657 (from ATM1 Inbound)
11/14/2007 11:11:21 **UDP Flood to Host** 121.24.65.241, 17951->> 192.168.2.2, 17657 (from ATM1 Inbound)
11/14/2007 11:11:21 **UDP Flood to Host** 142.131.73.145, 6881->> 192.168.2.2, 17657 (from ATM1 Inbound)
11/14/2007 10:40:08 **SYN Flood to Host** 81.156.164.110, 52433->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 10:40:02 **SYN Flood to Host** 151.11.160.66, 4502->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 10:40:02 **SYN Flood to Host** 81.156.164.110, 51497->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 10:39:59 **SYN Flood to Host** 125.24.76.132, 56726->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 10:39:59 **SYN Flood to Host** 81.156.164.110, 49383->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 10:01:15 **SYN Flood to Host** 81.192.170.239, 2851->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 10:01:15 **SYN Flood to Host** 81.156.164.110, 52937->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 09:23:41 **SYN Flood to Host** 201.172.65.54, 2962->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 09:23:41 **SYN Flood to Host** 99.224.100.31, 60824->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 09:23:41 **SYN Flood to Host** 81.156.164.110, 54906->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 09:23:38 **SYN Flood to Host** 172.209.42.23, 4267->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 09:23:38 **SYN Flood to Host** 208.100.128.13, 53426->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 09:23:38 **SYN Flood to Host** 125.238.34.171, 65187->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 09:23:38 **SYN Flood to Host** 81.156.164.110, 51072->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 08:47:36 **SYN Flood to Host** 86.129.27.233, 56014->> 86.140.117.206, 17657 (from ATM1 Inbound)
11/14/2007 08:47:36 **SYN Flood to Host** 128.113.156.45, 1280->> 86.140.117.206, 17657 (from ATM1 Inbound)

many thanks
Bionicdad


Report •

Related Solutions

#4
December 7, 2007 at 14:25:19

I also have a Belkin wireless router, and am getting the
same warnings about a smurf attack. But my wireless
router is inside a private network, behind another router.
On my network this is not an external attack.

Is there a possibility that at least one of these machines is
a Mac? Remember the automatic zero-conf style local
network capability that OSX machines have.

http://www.apple.com/macosx/technol...


I also have a Belkin wireless router, and am getting the
same warnings about a smurf attack, caused by multiple
broadcast pings. But my wireless router is inside a private
network, behind another router. On my network this is not
an external attack.

Is there a possibility that at least one of these machines is
a Mac? Remember the automatic zero-conf style local
network capability that OSX machines have.

<a
href="http://www.apple.com/macosx/technology/bonjou
r.html"
target="_blank">http://www.apple.com/macosx/technol..
.

I understand that through Bonjour, the mac allocates itself
a private address in the subnet 169.254. It broadcasts
requests (possibly pingss) broadcast address
169.254.255.255 in order to identify other local
machines. This enables some of the ad hoc file sharing,
itunes sharing and other network capability eg.
your_name's_computer.local name lookups without a
name server. You may want to check netstat -r


Report •


Ask Question