Меня атачат! DOS Attack на мой роутер - кто и зачем?

0

2

Пацаны, меня досят какие-то гопники, и их адреса постоянно меняются, так что отследить по IP и навалять (как по старинке) не получится! Какие предложения? :)

Если серьезно, я не силен в сетях. В настройки роутера залезаю крайне редко. Но сегодня интернет немножко тормозил, и я решил зайти и посмотреть, что там есть в админке.

Впервые в роутере открыл журнал логов и получил вот такое:

[DoS Attack: ACK Scan] from source: 52.24.228.88, port 80, Monday, September 05, 2016 20:56:31
[DoS Attack: RST Scan] from source: 81.200.2.178, port 443, Monday, September 05, 2016 20:56:31
[DoS Attack: ACK Scan] from source: 52.24.228.88, port 80, Monday, September 05, 2016 20:56:22
[DoS Attack: RST Scan] from source: 81.200.2.185, port 443, Monday, September 05, 2016 20:56:19
[DoS Attack: ACK Scan] from source: 52.24.228.88, port 80, Monday, September 05, 2016 20:56:15
[DoS Attack: RST Scan] from source: 173.194.73.200, port 443, Monday, September 05, 2016 20:54:53
[admin login] from source 192.168.1.2, Monday, September 05, 2016 20:53:55
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 20:53:51
[DoS Attack: RST Scan] from source: 81.200.2.178, port 443, Monday, September 05, 2016 20:53:19
[DoS Attack: RST Scan] from source: 173.194.73.83, port 443, Monday, September 05, 2016 20:52:39
[DoS Attack: RST Scan] from source: 173.194.221.196, port 443, Monday, September 05, 2016 20:52:06
[DoS Attack: RST Scan] from source: 81.200.2.178, port 443, Monday, September 05, 2016 20:49:35
[DoS Attack: RST Scan] from source: 81.200.2.187, port 443, Monday, September 05, 2016 20:48:19
[DoS Attack: RST Scan] from source: 173.194.73.196, port 443, Monday, September 05, 2016 20:48:19
[DoS Attack: RST Scan] from source: 173.194.222.17, port 443, Monday, September 05, 2016 20:47:38
[admin login] from source 192.168.1.2, Monday, September 05, 2016 20:46:19
[DoS Attack: RST Scan] from source: 173.194.220.189, port 443, Monday, September 05, 2016 20:44:12
[DoS Attack: RST Scan] from source: 173.194.73.200, port 443, Monday, September 05, 2016 20:42:54
[DoS Attack: RST Scan] from source: 64.233.165.17, port 443, Monday, September 05, 2016 20:42:38
[DoS Attack: RST Scan] from source: 81.200.2.178, port 443, Monday, September 05, 2016 20:41:50
[DoS Attack: RST Scan] from source: 173.194.222.17, port 443, Monday, September 05, 2016 20:37:38
[DoS Attack: RST Scan] from source: 191.96.249.19, port 23, Monday, September 05, 2016 20:37:08
[DoS Attack: RST Scan] from source: 74.125.29.94, port 443, Monday, September 05, 2016 20:36:47
[DoS Attack: RST Scan] from source: 64.233.161.196, port 443, Monday, September 05, 2016 20:36:44
[DoS Attack: RST Scan] from source: 81.200.2.178, port 443, Monday, September 05, 2016 20:35:38
[DoS Attack: RST Scan] from source: 64.233.161.200, port 443, Monday, September 05, 2016 20:33:52
[DoS Attack: RST Scan] from source: 173.194.73.19, port 443, Monday, September 05, 2016 20:32:37
[DoS Attack: RST Scan] from source: 64.233.161.196, port 443, Monday, September 05, 2016 20:32:26
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 20:30:54
[DoS Attack: RST Scan] from source: 64.233.165.200, port 443, Monday, September 05, 2016 20:30:54
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 20:29:46
[DoS Attack: RST Scan] from source: 81.200.2.181, port 443, Monday, September 05, 2016 20:28:13
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 20:28:13
[DoS Attack: RST Scan] from source: 108.177.14.83, port 443, Monday, September 05, 2016 20:27:37
[DoS Attack: RST Scan] from source: 209.85.233.97, port 443, Monday, September 05, 2016 20:26:43
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 20:26:40
[DoS Attack: RST Scan] from source: 64.233.165.196, port 443, Monday, September 05, 2016 20:26:28
[DoS Attack: RST Scan] from source: 81.200.2.182, port 443, Monday, September 05, 2016 20:26:28
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 20:26:28
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 20:26:28
[DoS Attack: RST Scan] from source: 209.85.233.132, port 443, Monday, September 05, 2016 20:26:28
[DoS Attack: RST Scan] from source: 108.177.14.83, port 443, Monday, September 05, 2016 20:24:36
[DoS Attack: RST Scan] from source: 64.233.164.83, port 443, Monday, September 05, 2016 20:21:35
[DoS Attack: RST Scan] from source: 64.233.164.200, port 443, Monday, September 05, 2016 20:18:54
[DoS Attack: RST Scan] from source: 81.200.2.176, port 443, Monday, September 05, 2016 20:16:44
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 20:15:51
[DoS Attack: RST Scan] from source: 173.194.222.196, port 443, Monday, September 05, 2016 20:15:51
[DoS Attack: RST Scan] from source: 64.233.161.84, port 443, Monday, September 05, 2016 20:11:18
[DoS Attack: RST Scan] from source: 64.233.163.200, port 443, Monday, September 05, 2016 20:11:17
[DoS Attack: RST Scan] from source: 173.194.222.18, port 443, Monday, September 05, 2016 20:08:15
[DoS Attack: ACK Scan] from source: 5.255.255.88, port 443, Monday, September 05, 2016 20:04:28
[DoS Attack: RST Scan] from source: 173.194.220.200, port 443, Monday, September 05, 2016 20:03:54
[DoS Attack: RST Scan] from source: 213.180.204.179, port 443, Monday, September 05, 2016 20:02:32
[DoS Attack: RST Scan] from source: 195.123.209.38, port 3143, Monday, September 05, 2016 20:02:22
[DoS Attack: RST Scan] from source: 173.194.221.196, port 443, Monday, September 05, 2016 20:02:20
[DoS Attack: RST Scan] from source: 195.123.209.38, port 3143, Monday, September 05, 2016 20:02:16
[DoS Attack: RST Scan] from source: 64.233.161.84, port 443, Monday, September 05, 2016 20:02:15
[DoS Attack: RST Scan] from source: 195.123.209.38, port 3143, Monday, September 05, 2016 20:02:14
[DoS Attack: RST Scan] from source: 173.194.222.132, port 443, Monday, September 05, 2016 20:02:12
[DoS Attack: TCP/UDP Chargen] from source: 185.128.40.162, port 59470, Monday, September 05, 2016 20:01:23
[DoS Attack: RST Scan] from source: 195.123.209.38, port 3143, Monday, September 05, 2016 20:01:19
[DoS Attack: RST Scan] from source: 81.200.2.177, port 443, Monday, September 05, 2016 20:00:55
[DoS Attack: RST Scan] from source: 81.200.2.176, port 443, Monday, September 05, 2016 20:00:55
[DoS Attack: RST Scan] from source: 173.194.220.200, port 443, Monday, September 05, 2016 20:00:53
[DoS Attack: RST Scan] from source: 81.200.2.177, port 443, Monday, September 05, 2016 19:58:06
[DoS Attack: RST Scan] from source: 64.233.162.200, port 443, Monday, September 05, 2016 19:57:53
[DoS Attack: RST Scan] from source: 209.85.233.196, port 443, Monday, September 05, 2016 19:57:39
[DoS Attack: RST Scan] from source: 173.194.222.84, port 443, Monday, September 05, 2016 19:57:37
[DoS Attack: RST Scan] from source: 173.194.222.18, port 443, Monday, September 05, 2016 19:57:37
[DoS Attack: RST Scan] from source: 81.200.2.178, port 443, Monday, September 05, 2016 19:57:35
[DoS Attack: RST Scan] from source: 108.177.14.97, port 443, Monday, September 05, 2016 19:56:41
[DoS Attack: RST Scan] from source: 173.194.220.154, port 443, Monday, September 05, 2016 19:56:30
[DoS Attack: RST Scan] from source: 173.194.222.95, port 443, Monday, September 05, 2016 19:56:29
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 19:56:27
[DoS Attack: RST Scan] from source: 173.194.222.132, port 443, Monday, September 05, 2016 19:56:20
[DoS Attack: RST Scan] from source: 173.194.220.196, port 443, Monday, September 05, 2016 19:52:41
[DoS Attack: RST Scan] from source: 173.194.222.19, port 443, Monday, September 05, 2016 19:52:27
[DoS Attack: RST Scan] from source: 173.194.73.84, port 443, Monday, September 05, 2016 19:51:04
[DoS Attack: RST Scan] from source: 173.194.222.95, port 443, Monday, September 05, 2016 19:50:34
[DoS Attack: RST Scan] from source: 195.123.209.38, port 3143, Monday, September 05, 2016 19:49:40
[DoS Attack: RST Scan] from source: 81.200.3.177, port 443, Monday, September 05, 2016 19:49:36
[DoS Attack: RST Scan] from source: 93.158.134.179, port 443, Monday, September 05, 2016 19:47:01
[DoS Attack: ACK Scan] from source: 87.250.250.119, port 443, Monday, September 05, 2016 19:47:01
[DoS Attack: RST Scan] from source: 173.194.220.200, port 443, Monday, September 05, 2016 19:45:53
[DoS Attack: RST Scan] from source: 64.233.161.196, port 443, Monday, September 05, 2016 19:44:58
[DoS Attack: RST Scan] from source: 64.233.162.97, port 443, Monday, September 05, 2016 19:44:56
[DoS Attack: RST Scan] from source: 64.233.162.84, port 443, Monday, September 05, 2016 19:43:27
[DoS Attack: RST Scan] from source: 173.194.222.19, port 443, Monday, September 05, 2016 19:42:25
[DoS Attack: RST Scan] from source: 64.233.162.84, port 443, Monday, September 05, 2016 19:38:45
[DoS Attack: RST Scan] from source: 173.194.222.196, port 443, Monday, September 05, 2016 19:38:45
[DoS Attack: RST Scan] from source: 173.194.222.97, port 443, Monday, September 05, 2016 19:38:33
[DoS Attack: RST Scan] from source: 64.233.164.17, port 443, Monday, September 05, 2016 19:37:26
[DoS Attack: RST Scan] from source: 212.72.179.20, port 443, Monday, September 05, 2016 19:37:25
[DoS Attack: RST Scan] from source: 81.200.2.176, port 443, Monday, September 05, 2016 19:37:22
[DoS Attack: RST Scan] from source: 173.194.73.95, port 443, Monday, September 05, 2016 19:37:19
[DoS Attack: RST Scan] from source: 64.233.163.198, port 443, Monday, September 05, 2016 19:37:14
[DoS Attack: RST Scan] from source: 81.200.2.185, port 443, Monday, September 05, 2016 19:37:13
[DoS Attack: RST Scan] from source: 173.194.220.132, port 443, Monday, September 05, 2016 19:37:06
[DoS Attack: RST Scan] from source: 93.158.134.179, port 443, Monday, September 05, 2016 19:34:43
[DoS Attack: RST Scan] from source: 81.200.3.174, port 443, Monday, September 05, 2016 19:34:38
[DoS Attack: RST Scan] from source: 64.233.162.157, port 443, Monday, September 05, 2016 19:34:35
[DoS Attack: RST Scan] from source: 173.194.222.154, port 443, Monday, September 05, 2016 19:34:35
[DoS Attack: RST Scan] from source: 64.233.161.200, port 443, Monday, September 05, 2016 19:33:53
[DoS Attack: ACK Scan] from source: 81.200.3.174, port 443, Monday, September 05, 2016 19:33:51
[DoS Attack: RST Scan] from source: 81.200.3.174, port 443, Monday, September 05, 2016 19:32:57
[DoS Attack: RST Scan] from source: 74.125.205.19, port 443, Monday, September 05, 2016 19:32:26
[DoS Attack: RST Scan] from source: 81.200.3.174, port 443, Monday, September 05, 2016 19:32:09
[DoS Attack: RST Scan] from source: 173.194.10.7, port 443, Monday, September 05, 2016 19:31:45
[DoS Attack: RST Scan] from source: 81.200.2.184, port 443, Monday, September 05, 2016 19:31:09
[DoS Attack: RST Scan] from source: 173.194.222.196, port 443, Monday, September 05, 2016 19:31:06
[DoS Attack: RST Scan] from source: 64.233.164.95, port 443, Monday, September 05, 2016 19:30:52
[DoS Attack: RST Scan] from source: 81.200.2.182, port 443, Monday, September 05, 2016 19:30:21
[DoS Attack: RST Scan] from source: 173.194.220.198, port 443, Monday, September 05, 2016 19:30:20
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 19:27:55
[DoS Attack: RST Scan] from source: 81.200.2.186, port 443, Monday, September 05, 2016 19:27:29
[DoS Attack: RST Scan] from source: 64.233.165.84, port 443, Monday, September 05, 2016 19:27:26
[DoS Attack: RST Scan] from source: 64.233.161.19, port 443, Monday, September 05, 2016 19:27:25
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 19:26:45
[DoS Attack: RST Scan] from source: 81.200.2.185, port 443, Monday, September 05, 2016 19:26:38
[DoS Attack: RST Scan] from source: 81.200.2.182, port 443, Monday, September 05, 2016 19:24:59
[DoS Attack: RST Scan] from source: 81.200.2.181, port 443, Monday, September 05, 2016 19:24:59
[DoS Attack: RST Scan] from source: 81.200.2.177, port 443, Monday, September 05, 2016 19:24:59
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 19:24:57
[DoS Attack: RST Scan] from source: 81.200.2.176, port 443, Monday, September 05, 2016 19:24:57
[DoS Attack: RST Scan] from source: 81.200.2.181, port 443, Monday, September 05, 2016 19:24:51
[DoS Attack: RST Scan] from source: 81.200.2.183, port 443, Monday, September 05, 2016 19:24:51
[DoS Attack: RST Scan] from source: 216.58.212.131, port 443, Monday, September 05, 2016 19:24:45
[DoS Attack: RST Scan] from source: 81.200.2.179, port 443, Monday, September 05, 2016 19:24:45
[DoS Attack: RST Scan] from source: 173.194.73.200, port 443, Monday, September 05, 2016 19:24:37
[DoS Attack: RST Scan] from source: 81.200.2.184, port 443, Monday, September 05, 2016 19:24:34
[DoS Attack: RST Scan] from source: 195.123.209.38, port 3143, Monday, September 05, 2016 19:24:31
[DoS Attack: RST Scan] from source: 64.233.165.84, port 443, Monday, September 05, 2016 19:24:30
[DoS Attack: RST Scan] from source: 64.233.163.83, port 443, Monday, September 05, 2016 19:22:26
[DoS Attack: RST Scan] from source: 81.200.2.187, port 443, Monday, September 05, 2016 19:19:09
[DoS Attack: RST Scan] from source: 64.233.165.17, port 443, Monday, September 05, 2016 19:17:25
[DoS Attack: RST Scan] from source: 64.233.162.200, port 443, Monday, September 05, 2016 19:12:55
[DoS Attack: RST Scan] from source: 108.177.14.196, port 443, Monday, September 05, 2016 19:12:28
[DoS Attack: RST Scan] from source: 64.233.164.18, port 443, Monday, September 05, 2016 19:12:25
[DoS Attack: RST Scan] from source: 198.204.237.74, port 80, Monday, September 05, 2016 19:12:23
[DoS Attack: RST Scan] from source: 81.200.2.176, port 443, Monday, September 05, 2016 19:12:19
[DoS Attack: RST Scan] from source: 81.200.2.177, port 443, Monday, September 05, 2016 19:12:15
[DoS Attack: RST Scan] from source: 64.233.165.84, port 443, Monday, September 05, 2016 19:11:38
[DoS Attack: RST Scan] from source: 81.200.2.183, port 443, Monday, September 05, 2016 19:11:36
[DoS Attack: RST Scan] from source: 74.125.232.244, port 443, Monday, September 05, 2016 19:11:28
[DoS Attack: RST Scan] from source: 81.200.2.187, port 443, Monday, September 05, 2016 19:11:28
[DoS Attack: RST Scan] from source: 81.200.2.181, port 443, Monday, September 05, 2016 19:11:28
[DoS Attack: RST Scan] from source: 173.194.222.132, port 443, Monday, September 05, 2016 19:11:28
[DoS Attack: RST Scan] from source: 64.233.162.200, port 443, Monday, September 05, 2016 19:09:54
[DoS Attack: RST Scan] from source: 81.200.2.183, port 443, Monday, September 05, 2016 19:07:25
[DoS Attack: RST Scan] from source: 64.233.162.83, port 443, Monday, September 05, 2016 19:07:23
[DoS Attack: RST Scan] from source: 173.194.221.196, port 443, Monday, September 05, 2016 19:06:41
[DoS Attack: RST Scan] from source: 64.233.164.84, port 443, Monday, September 05, 2016 19:06:16
[DoS Attack: RST Scan] from source: 77.88.21.179, port 443, Monday, September 05, 2016 19:05:29
[DoS Attack: RST Scan] from source: 64.233.165.200, port 443, Monday, September 05, 2016 19:03:55
[DoS Attack: RST Scan] from source: 64.233.162.18, port 443, Monday, September 05, 2016 19:02:23
[DoS Attack: RST Scan] from source: 81.200.2.181, port 443, Monday, September 05, 2016 19:00:55
[DoS Attack: RST Scan] from source: 81.200.2.182, port 443, Monday, September 05, 2016 19:00:55
[DoS Attack: RST Scan] from source: 64.233.161.196, port 443, Monday, September 05, 2016 18:59:40
[DoS Attack: RST Scan] from source: 173.194.222.84, port 443, Monday, September 05, 2016 18:58:02
[DoS Attack: RST Scan] from source: 64.233.164.200, port 443, Monday, September 05, 2016 18:57:54
[DoS Attack: RST Scan] from source: 64.233.161.83, port 443, Monday, September 05, 2016 18:57:23
[DoS Attack: RST Scan] from source: 81.200.2.186, port 443, Monday, September 05, 2016 18:56:49
[DoS Attack: RST Scan] from source: 81.200.2.187, port 443, Monday, September 05, 2016 18:56:15
[DoS Attack: RST Scan] from source: 108.177.14.97, port 443, Monday, September 05, 2016 18:56:15
[DoS Attack: RST Scan] from source: 74.125.205.95, port 443, Monday, September 05, 2016 18:56:14
[DoS Attack: RST Scan] from source: 173.194.222.84, port 443, Monday, September 05, 2016 18:54:44
[DoS Attack: RST Scan] from source: 64.233.165.17, port 443, Monday, September 05, 2016 18:52:23
[DoS Attack: RST Scan] from source: 173.194.222.84, port 443, Monday, September 05, 2016 18:51:47
[DoS Attack: RST Scan] from source: 81.200.2.187, port 443, Monday, September 05, 2016 18:51:46
[DoS Attack: RST Scan] from source: 64.233.165.17, port 443, Monday, September 05, 2016 18:49:23
[DoS Attack: RST Scan] from source: 81.200.2.186, port 443, Monday, September 05, 2016 18:48:19
[DoS Attack: RST Scan] from source: 173.194.222.198, port 443, Monday, September 05, 2016 18:46:25
[DoS Attack: RST Scan] from source: 173.194.222.17, port 443, Monday, September 05, 2016 18:46:21
[DoS Attack: RST Scan] from source: 74.125.205.97, port 443, Monday, September 05, 2016 18:46:20
[DoS Attack: ACK Scan] from source: 93.184.220.127, port 443, Monday, September 05, 2016 18:45:13
[DoS Attack: RST Scan] from source: 81.200.2.178, port 443, Monday, September 05, 2016 18:43:35
[DoS Attack: RST Scan] from source: 173.194.221.95, port 443, Monday, September 05, 2016 18:43:34
[DoS Attack: RST Scan] from source: 74.125.205.198, port 443, Monday, September 05, 2016 18:39:58
[DoS Attack: RST Scan] from source: 64.233.161.200, port 443, Monday, September 05, 2016 18:39:54
[DoS Attack: RST Scan] from source: 64.233.161.196, port 443, Monday, September 05, 2016 18:39:52
[DoS Attack: RST Scan] from source: 173.194.222.132, port 443, Monday, September 05, 2016 18:39:52
[DoS Attack: RST Scan] from source: 209.85.233.132, port 443, Monday, September 05, 2016 18:39:52
[DoS Attack: RST Scan] from source: 81.200.2.184, port 443, Monday, September 05, 2016 18:39:50
[DoS Attack: ACK Scan] from source: 91.198.174.192, port 443, Monday, September 05, 2016 18:39:45
[DoS Attack: RST Scan] from source: 64.233.165.200, port 443, Monday, September 05, 2016 18:36:55
[DoS Attack: RST Scan] from source: 173.194.222.17, port 443, Monday, September 05, 2016 18:35:20
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 18:34:51
[DoS Attack: RST Scan] from source: 64.233.165.200, port 443, Monday, September 05, 2016 18:33:55
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 18:31:04
[DoS Attack: RST Scan] from source: 173.194.222.196, port 443, Monday, September 05, 2016 18:30:21
[DoS Attack: RST Scan] from source: 64.233.164.17, port 443, Monday, September 05, 2016 18:30:21
[DoS Attack: RST Scan] from source: 81.200.2.184, port 443, Monday, September 05, 2016 18:27:53
[DoS Attack: RST Scan] from source: 81.200.2.177, port 443, Monday, September 05, 2016 18:27:53
[DoS Attack: RST Scan] from source: 64.233.162.83, port 443, Monday, September 05, 2016 18:25:20
[DoS Attack: RST Scan] from source: 64.233.164.200, port 443, Monday, September 05, 2016 18:24:55
[DoS Attack: RST Scan] from source: 81.200.2.185, port 443, Monday, September 05, 2016 18:22:51
[DoS Attack: RST Scan] from source: 173.194.221.18, port 443, Monday, September 05, 2016 18:20:20
[DoS Attack: RST Scan] from source: 64.233.164.19, port 443, Monday, September 05, 2016 18:15:20
[DoS Attack: RST Scan] from source: 64.233.162.200, port 443, Monday, September 05, 2016 18:12:55
[DoS Attack: RST Scan] from source: 173.194.222.196, port 443, Monday, September 05, 2016 18:11:09
[DoS Attack: RST Scan] from source: 81.200.2.186, port 443, Monday, September 05, 2016 18:10:51
[DoS Attack: RST Scan] from source: 173.194.221.17, port 443, Monday, September 05, 2016 18:10:19
[DoS Attack: RST Scan] from source: 173.194.221.200, port 443, Monday, September 05, 2016 18:09:55
[DoS Attack: RST Scan] from source: 64.233.165.19, port 443, Monday, September 05, 2016 18:05:18
[DoS Attack: RST Scan] from source: 173.194.73.198, port 443, Monday, September 05, 2016 18:04:23
[DoS Attack: RST Scan] from source: 81.200.2.185, port 443, Monday, September 05, 2016 18:04:22
[DoS Attack: RST Scan] from source: 64.233.165.200, port 443, Monday, September 05, 2016 18:03:53
[DoS Attack: RST Scan] from source: 81.200.2.181, port 443, Monday, September 05, 2016 18:00:56
[DoS Attack: RST Scan] from source: 81.200.2.177, port 443, Monday, September 05, 2016 18:00:56
[DoS Attack: RST Scan] from source: 173.194.222.17, port 443, Monday, September 05, 2016 18:00:55
[DoS Attack: RST Scan] from source: 173.194.73.200, port 443, Monday, September 05, 2016 18:00:55
[DoS Attack: RST Scan] from source: 81.200.2.181, port 443, Monday, September 05, 2016 17:58:56
[DoS Attack: RST Scan] from source: 64.233.161.83, port 443, Monday, September 05, 2016 17:55:18
[DoS Attack: RST Scan] from source: 81.200.2.180, port 443, Monday, September 05, 2016 17:55:05
[DoS Attack: RST Scan] from source: 173.194.222.198, port 443, Monday, September 05, 2016 17:55:05
[DoS Attack: RST Scan] from source: 81.200.3.177, port 443, Monday, September 05, 2016 17:55:05
[DoS Attack: RST Scan] from source: 209.85.233.132, port 443, Monday, September 05, 2016 17:53:01
[DoS Attack: RST Scan] from source: 64.233.161.83, port 443, Monday, September 05, 2016 17:52:16
[DoS Attack: RST Scan] from source: 108.177.14.198, port 443, Monday, September 05, 2016 17:51:40
[DoS Attack: RST Scan] from source: 64.233.162.154, port 443, Monday, September 05, 2016 17:51:09
[DoS Attack: RST Scan] from source: 64.233.164.196, port 443, Monday, September 05, 2016 17:50:51
[DoS Attack: RST Scan] from source: 173.194.58.146, port 443, Monday, September 05, 2016 17:50:31
[DoS Attack: ACK Scan] from source: 173.194.58.146, port 443, Monday, September 05, 2016 17:49:44
[DoS Attack: RST Scan] from source: 74.125.205.83, port 443, Monday, September 05, 2016 17:49:17
[DoS Attack: RST Scan] from source: 81.200.3.174, port 443, Monday, September 05, 2016 17:49:15
[DoS Attack: RST Scan] from source: 74.125.100.238, port 443, Monday, September 05, 2016 17:49:12
[DoS Attack: RST Scan] from source: 173.194.58.178, port 443, Monday, September 05, 2016 17:49:09
[DoS Attack: RST Scan] from source: 74.125.100.238, port 443, Monday, September 05, 2016 17:49:07
[DoS Attack: ACK Scan] from source: 173.194.58.146, port 443, Monday, September 05, 2016 17:48:57
[DoS Attack: RST Scan] from source: 81.200.3.175, port 443, Monday, September 05, 2016 17:48:42
[DoS Attack: ACK Scan] from source: 173.194.58.178, port 443, Monday, September 05, 2016 17:48:33
[DoS Attack: RST Scan] from source: 64.233.165.84, port 443, Monday, September 05, 2016 17:48:33
[DoS Attack: ACK Scan] from source: 173.194.58.178, port 443, Monday, September 05, 2016 17:48:24
[DoS Attack: RST Scan] from source: 108.177.14.154, port 443, Monday, September 05, 2016 17:48:21
[DoS Attack: RST Scan] from source: 64.233.164.156, port 443, Monday, September 05, 2016 17:48:20
[DoS Attack: RST Scan] from source: 81.200.3.177, port 443, Monday, September 05, 2016 17:48:19
[DoS Attack: ACK Scan] from source: 173.194.58.178, port 443, Monday, September 05, 2016 17:48:15
[DoS Attack: RST Scan] from source: 81.200.3.172, port 443, Monday, September 05, 2016 17:46:04
[DoS Attack: RST Scan] from source: 173.194.58.119, port 443, Monday, September 05, 2016 17:46:00
[DoS Attack: RST Scan] from source: 64.233.164.200, port 443, Monday, September 05, 2016 17:45:55
[DoS Attack: RST Scan] from source: 173.194.164.123, port 443, Monday, September 05, 2016 17:45:33
[DoS Attack: ACK Scan] from source: 81.200.3.172, port 443, Monday, September 05, 2016 17:45:32
[DoS Attack: RST Scan] from source: 173.194.164.123, port 443, Monday, September 05, 2016 17:45:29
[DoS Attack: RST Scan] from source: 173.194.221.196, port 443, Monday, September 05, 2016 17:45:11
[DoS Attack: RST Scan] from source: 74.125.205.198, port 443, Monday, September 05, 2016 17:44:54
[DoS Attack: RST Scan] from source: 64.233.162.97, port 443, Monday, September 05, 2016 17:43:55
[DoS Attack: RST Scan] from source: 81.200.2.184, port 443, Monday, September 05, 2016 17:43:54
[DoS Attack: RST Scan] from source: 64.233.165.95, port 443, Monday, September 05, 2016 17:43:53
[DoS Attack: RST Scan] from source: 195.123.209.38, port 3143, Monday, September 05, 2016 17:43:36
[DoS Attack: RST Scan] from source: 173.194.73.132, port 443, Monday, September 05, 2016 17:43:34
[DoS Attack: RST Scan] from source: 192.229.233.146, port 443, Monday, September 05, 2016 17:43:01
[DoS Attack: RST Scan] from source: 74.125.205.83, port 443, Monday, September 05, 2016 17:40:17
[DoS Attack: RST Scan] from source: 64.233.164.200, port 443, Monday, September 05, 2016 17:39:55
[DoS Attack: RST Scan] from source: 81.200.2.182, port 443, Monday, September 05, 2016 17:38:22
[DoS Attack: RST Scan] from source: 108.177.14.83, port 443, Monday, September 05, 2016 17:35:17
[DoS Attack: RST Scan] from source: 64.233.161.200, port 443, Monday, September 05, 2016 17:33:56

Записи про «admin login» - это я логинюсь.

Потом я решил перезапустить роутер и комп, IP динамический, подумал что если сменится адресок, то и гопники отвалят, но не прошло и пары минут после перезапуска, как все пошло по новой... что за хрень?

Есть ли какой-то шанс, что это глюки роутера Netgear, как говорят на форумах?

http://forum.netgear.ru/viewtopic.php?id=1394

[admin login] from source 192.168.1.2, Monday, September 05, 2016 21:35:34
[DoS Attack: ACK Scan] from source: 91.198.174.192, port 443, Monday, September 05, 2016 21:33:42
[DoS Attack: RST Scan] from source: 64.233.162.196, port 443, Monday, September 05, 2016 21:28:52
[DoS Attack: RST Scan] from source: 64.233.164.97, port 443, Monday, September 05, 2016 21:28:51
[DoS Attack: RST Scan] from source: 81.200.2.185, port 443, Monday, September 05, 2016 21:28:51
[DoS Attack: RST Scan] from source: 173.194.221.95, port 443, Monday, September 05, 2016 21:28:50
[DoS Attack: RST Scan] from source: 81.200.2.185, port 443, Monday, September 05, 2016 21:25:57
[admin login] from source 192.168.1.2, Monday, September 05, 2016 21:23:09
[Initialized, firmware version: V1.0.2.12RU] Monday, September 05, 2016 21:22:35

В первом логе вот такая единичная запись выделяется:

[DoS Attack: TCP/UDP Chargen] from source: 185.128.40.162, port 59470, Monday, September 05, 2016 20:01:23

Это говорит о чем-то? И что вообще все это значит? У меня появился тайный хейтер? Пора начинать бояться?

Ссылка

←	VPN: где и какой

Проблемы с доступом к onion сайтам

→

Ни о чём это не говорит, это, к сожалению, норма. Взломщики бьют по площадям, ддося вообще всех подряд в надежде на удачу.

Vsevolod-linuxoid ★★★★★
(05.09.16 21:56:37 MSK)

Ответ на: комментарий от Vsevolod-linuxoid 05.09.16 21:56:37 MSK

Т.е. это (если так можно сказать) какая-то хакерская прога, где можно ввести диапазон адресов, и она долбит всех подряд? И ничего с этим не поделать? Мне даже показалось, что немного тормозит инет по сравнению с «обычно». Правда, я не залезал в эти логи ни год назад, ни два... может так было каждый день, а может и нет, непонятно.

~~i-want-a-fix~~
(05.09.16 22:04:02 MSK) автор топика

Ссылка

Ты сам заатачил ленту! Перед третьим абзацем поставь [cut].

mandala ★★★★★
(05.09.16 22:49:10 MSK)

У тебя канал 64кбит? или 9600 ? :) Тогда это DoS

vel ★★★★★
(05.09.16 22:58:39 MSK)

Ответ на: комментарий от vel 05.09.16 22:58:39 MSK

100 мбит, а что?

~~i-want-a-fix~~
(05.09.16 23:02:48 MSK) автор топика

DROP-ай все пакеты на 80 и 443 порт снаружи и не забивай голову.

Radjah ★★★★★
(05.09.16 23:16:37 MSK)

Ссылка

Ответ на: комментарий от mandala 05.09.16 22:49:10 MSK

Поставил, но ничего не получилось. Нажал предпросмотр, спойлер не сработал.

~~i-want-a-fix~~
(05.09.16 23:16:57 MSK) автор топика

это автоматический трахатель windows стучится, не переживай. Обычное дело. Ещё пароли к ssh могут перебирать.

legolegs ★★★★★
(05.09.16 23:23:31 MSK)

Ответ на: комментарий от legolegs 05.09.16 23:23:31 MSK

На компе Kubuntu, а не Windows. Никакого специфического софта тоже нет. Но полистав форумы Netgear я понял, что это массовая штука, вроде какой-то пакетный флуд и ничего особенного.

~~i-want-a-fix~~
(05.09.16 23:30:51 MSK) автор топика

Ссылка

Ответ на: комментарий от i-want-a-fix 05.09.16 23:02:48 MSK

на 100Мбитах эти жалкие сотни пакетов в час вообще никто не заметит. Постоянное сканирование ботами - это норма жизни в инете, особенно если ты счастливый вледелец внешнего ip.

Поставь DROP для этих портов и успокойся.

vel ★★★★★
(05.09.16 23:32:17 MSK)

Ответ на: комментарий от Vsevolod-linuxoid 05.09.16 21:56:37 MSK

В чем тут будет состоять удача, а главное выгода, от ддоса всяких домохозяек?

~~vertexua~~ ★★★★★
(05.09.16 23:33:53 MSK)

Ответ на: комментарий от i-want-a-fix 05.09.16 23:16:57 MSK

Оно работает в ленте, это «кат» а не спойлер. Изменения видно здесь: www.linux.org.ru/forum/lenta/. [cut] можно закрыть и продолжить писать. Пример лоркода для этой темы:


<пропущено>

Впервые в роутере открыл журнал логов и получил вот такое:

[cut=Содержимое лога]

<само содержимое>

[/cut]

Потом я решил перезапустить роутер и комп...

Это чтобы ленту не пучило.

mandala ★★★★★
(05.09.16 23:38:38 MSK)

Ответ на: комментарий от vertexua 05.09.16 23:33:53 MSK

Всякие дырки и бэкдоры в стоковых прошивках, которые домохозяйки не обновляют с покупки шайтан-коробки и до высыхания конденсаторов в ней.

Radjah ★★★★★
(05.09.16 23:40:24 MSK)

Ссылка

Ответ на: комментарий от vel 05.09.16 23:32:17 MSK

Поставь DROP для этих портов и успокойся.

Это где-то в админке роутера делается?

~~i-want-a-fix~~
(05.09.16 23:48:19 MSK) автор топика

Ссылка

Ответ на: комментарий от mandala 05.09.16 23:38:38 MSK

Готово.

~~i-want-a-fix~~
(05.09.16 23:50:54 MSK) автор топика

Ответ на: комментарий от i-want-a-fix 05.09.16 23:50:54 MSK

Спасибо.

mandala ★★★★★
(05.09.16 23:56:57 MSK)

Ссылка

так что отследить по IP и навалять (как по старинке) не получится!

Как говорится «Я твой роутер IP шатал и сетку ыбал!»

~~rezedent12~~ ☆☆☆
(06.09.16 11:39:54 MSK)
Последнее исправление: rezedent12 06.09.16 11:40:09 MSK (всего исправлений: 1)

Ссылка

Это все потому что некоторые ребята стали часто играть с KaliLinux!

bookman900 ★★★★★
(06.09.16 11:43:24 MSK)

Ответ на: комментарий от bookman900 06.09.16 11:43:24 MSK

И чем это может грозить помимо тормозов интернета?

~~i-want-a-fix~~
(06.09.16 11:48:15 MSK) автор топика

Ничего особенного. Китайские хацкеры ищут уязвимости на компах с windows или linux с systemd. Хотят подсадить майнера, ддос-бота и т.д.

Lavos ★★★★★
(06.09.16 11:50:25 MSK)

Ответ на: комментарий от Lavos 06.09.16 11:50:25 MSK

Китайские хацкеры ищут уязвимости на компах с windows или linux с systemd.

А в Kubuntu 14.04 оно есть или еще нет?

~~i-want-a-fix~~
(06.09.16 11:54:12 MSK) автор топика

Ответ на: комментарий от i-want-a-fix 06.09.16 11:54:12 MSK

В 14.04 нет.

Lavos ★★★★★
(06.09.16 12:02:08 MSK)

Ссылка

Ответ на: комментарий от i-want-a-fix 06.09.16 11:48:15 MSK

Ломом страничек ВК и прочей дурью. Вполне возможно, что вместо учебных целей по взлому они применяют реальные IP адреса пользователей.

bookman900 ★★★★★
(06.09.16 12:53:54 MSK)

Ссылка

Обрати внимание на то, что один и тот же ip не упорствует. Ботнет создан для обхода fail2ban на серваках. Перебирает всё подряд. Так что отключай доступ извне и живи спокойно.

Deleted
(06.09.16 13:19:41 MSK)

Ответ на: комментарий от vertexua 05.09.16 23:33:53 MSK

Да не DDoS это ни разу. Обычный скан. Это еще совсем по чуть-чуть прилетает. Просто ищут открытые хосты/порты.

eabi ★
(06.09.16 13:24:39 MSK)

Ссылка

Ответ на: комментарий от Deleted 06.09.16 13:19:41 MSK

Как это сделать на роутере Netgear? Какие настройки?

~~i-want-a-fix~~
(06.09.16 13:46:00 MSK) автор топика

Ответ на: комментарий от i-want-a-fix 06.09.16 13:46:00 MSK

Попробуй прошивку на последнюю сменить. У меня на рабочем нетгире закрыли доступ в админку из wan и впилили отключение wps в новой прошивке.

Deleted
(06.09.16 13:54:50 MSK)

Ссылка

Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.

←	VPN: где и какой

Security

Проблемы с доступом к onion сайтам

→

Похожие темы