Re: ataki na sieć

Autor: Olek (olotestSPAMFE_at_poczta.onet.pl)
Data: Fri 27 Feb 2004 - 19:00:23 MET

Dnia 04-02-26 18:16, internauta Piotr KUCHARSKI napisał(a):
> Witam,
>
> Oprócz zwykłych ataków (D)DoS przez flood UDP i ICMP na serwery IRC.pl,

Jeden użytkownik z windy sieje czymś takim. Jednak ciągle na same kilka
adresów. Jesteście zainteresowani, iść szukać przyczyny?

18:47:43.520307 192.168.1.11.1536 > 62.80.124.155.6667: tcp 0 (DF) (ttl
128, id 3342, len 48)
18:47:49.519387 192.168.1.11.1536 > 62.80.124.155.6667: tcp 0 (DF) (ttl
128, id 3598, len 48)
18:48:01.517515 192.168.1.11.1536 > 62.80.124.155.6667: tcp 0 (DF) (ttl
128, id 4110, len 48)
18:48:27.686602 192.168.1.11.1538 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 4878, len 48)
18:48:30.613045 192.168.1.11.1538 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 5390, len 48)
18:48:36.612115 192.168.1.11.1538 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 5646, len 48)
18:48:48.610236 192.168.1.11.1538 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 5902, len 48)
18:49:14.876736 192.168.1.11.1540 > 62.80.124.155.6667: tcp 0 (DF) (ttl
128, id 6926, len 48)
18:49:17.810729 192.168.1.11.1540 > 62.80.124.155.6667: tcp 0 (DF) (ttl
128, id 7182, len 48)
18:49:23.809798 192.168.1.11.1540 > 62.80.124.155.6667: tcp 0 (DF) (ttl
128, id 7438, len 48)
18:49:35.807917 192.168.1.11.1540 > 62.80.124.155.6667: tcp 0 (DF) (ttl
128, id 7950, len 48)
18:50:02.006542 192.168.1.11.1542 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 9230, len 48)
18:50:04.908422 192.168.1.11.1542 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 9486, len 48)
18:50:10.906741 192.168.1.11.1542 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 9742, len 48)
18:50:22.905637 192.168.1.11.1542 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 9998, len 48)
18:50:49.108322 192.168.1.11.1544 > 213.193.225.252.6667: tcp 0 (DF)
(ttl 128, id 10510, len 48)
18:50:52.066130 192.168.1.11.1544 > 213.193.225.252.6667: tcp 0 (DF)
(ttl 128, id 10766, len 48)
18:50:58.065216 192.168.1.11.1544 > 213.193.225.252.6667: tcp 0 (DF)
(ttl 128, id 11022, len 48)
18:51:10.568266 192.168.1.11.1544 > 213.193.225.252.6667: tcp 0 (DF)
(ttl 128, id 11278, len 48)
18:51:36.892386 192.168.1.11.1546 > 80.196.158.72.6667: tcp 0 (DF) (ttl
128, id 11790, len 48)
18:51:40.368688 192.168.1.11.1546 > 80.196.158.72.6667: tcp 0 (DF) (ttl
128, id 12046, len 48)
18:51:46.372754 192.168.1.11.1546 > 80.196.158.72.6667: tcp 0 (DF) (ttl
128, id 12302, len 48)
18:51:58.375885 192.168.1.11.1546 > 80.196.158.72.6667: tcp 0 (DF) (ttl
128, id 12558, len 48)
18:52:24.536692 192.168.1.11.1548 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 13070, len 48)
18:52:27.476435 192.168.1.11.1548 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 13326, len 48)
18:52:33.475485 192.168.1.11.1548 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 13582, len 48)
18:52:45.473613 192.168.1.11.1548 > 195.22.74.199.6667: tcp 0 (DF) (ttl
128, id 13838, len 48)
18:53:11.636657 192.168.1.11.1551 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 14350, len 48)
18:53:14.574109 192.168.1.11.1551 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 14606, len 48)
18:53:20.573172 192.168.1.11.1551 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 14862, len 48)
18:53:32.571291 192.168.1.11.1551 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 15118, len 48)
18:53:59.346679 192.168.1.11.1556 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 18958, len 48)
18:54:02.271712 192.168.1.11.1556 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 19214, len 48)
18:54:08.275805 192.168.1.11.1556 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 19726, len 48)
18:54:20.283917 192.168.1.11.1556 > 195.92.253.3.6667: tcp 0 (DF) (ttl
128, id 19982, len 48) 

-- 
Olek

To archiwum zostało wygenerowane przez hypermail 2.1.7 : Wed 19 May 2004 - 18:14:39 MET DST