Logo GNT
Actualités Tests & Guides Bons Plans
Twitter iPhone pliant OnePlus 11 PS5 Disney+ Orange Livebox Windows 11
Entraide Windows Windows XP Discussions Générales Attaque Dos ?

Attaque Dos ?

11 réponses
Avatar
Mylene
Bonjour,

Je ne sais pas trop ou poster donc ne pas me crier dessus :-)

Voilà depuis quelques temps j'ai des soucis avec mes connections internet,
et maintenant comme je l'ai configuré, je reçois par e-mail les logs a
partir du routeur les derniers en date m'intriguent et le
partiel de ceux d'uajourd'hui le whois IP indiquant presque tous
provenance
de russie

Qu'en pensez vous ? C'est le routeur qui déraille ?

Merci par avance


Ceux indiquant une attaque DOS
LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:1036 Monday,
Dec
14,2009 08:16:26
[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.58],
Monday, Dec 14,2009 03:57:22
[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.97],
Sunday, Dec 13,2009 23:43:51
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:5001 Sunday,
Dec 13,2009 21:21:02
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:1027 Sunday,
Dec 13,2009 21:10:43
[[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.254], Sunday, Dec 13,2009 19:36:52
[DOS attack: Smurf] attack packets in last 20 sec from ip [79.156.34.255],
Sunday, Dec 13,2009 18:21:12
[[DOS attack: Smurf] attack packets in last 20 sec from ip
[94.170.148.255],
Sunday, Dec 13,2009 15:17:29
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:5002 Sunday,
Dec 13,2009 13:45:06
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:5001 Sunday,
Dec 13,2009 13:44:17
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:5001 Sunday,
Dec 13,2009 13:24:57
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:1027 Sunday,
Dec 13,2009 13:14:38
[[DOS attack: Smurf] attack packets in last 20 sec from ip [81.97.9.255],
Saturday, Dec 12,2009 22:46:34
[DOS attack: Smurf] attack packets in last 20 sec from ip
[151.33.169.255],
Saturday, Dec 12,2009 19:31:06
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1095
Saturday,
Dec 12,2009 19:28:42
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1085
Saturday,
Dec 12,2009 18:50:31
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:5002
Saturday,
Dec 12,2009 17:51:56
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:5001
Saturday,
Dec 12,2009 17:51:45
[[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:5001
Saturday,
Dec 12,2009 14:03:19
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:1027
Saturday,
Dec 12,2009 13:52:59
[LAN access from remote] from 83.14.126.26:3739 to 192.168.0.14:21
Saturday,
Dec 12,2009 11:04:23
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:1027 Friday,
Dec 11,2009 18:16:59
[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.5],
Friday, Dec 11,2009 14:15:01
[DOS attack: Smurf] attack packets in last 20 sec from ip [66.229.96.255],
Friday, Dec 11,2009 14:00:03
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1059 Friday,
Dec 11,2009 13:40:42
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1057 Friday,
Dec 11,2009 13:26:59
[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.2],
Friday, Dec 11,2009 11:17:04
[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.2],
Friday, Dec 11,2009 10:57:03
[DOS attack: STORM] attack packets in last 20 sec from ip [66.28.246.2],
Friday, Dec 11,2009 09:06:49
[DOS attack: STORM] attack packets in last 20 sec from ip [66.28.246.2],
Friday, Dec 11,2009 09:06:29
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:5001 Friday,
Dec 11,2009 08:30:11
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:1028 Friday,
Dec 11,2009 08:19:47
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:5002 Friday,
Dec 11,2009 08:16:00
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:5001 Friday,
Dec 11,2009 08:15:28
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:5001
Thursday,
Dec 10,2009 20:20:31
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:1027
Thursday,
Dec 10,2009 20:10:10
[[DOS attack: Smurf] attack packets in last 20 sec from ip
[118.173.149.255], Thursday, Dec 10,2009 15:04:58
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1043
Thursday,
Dec 10,2009 12:11:57
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1089
Thursday,
Dec 10,2009 11:04:53
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:5001
Thursday,
Dec 10,2009 08:54:26
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.5:1027
Thursday,
Dec 10,2009 08:44:06
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:5001
Thursday,
Dec 10,2009 08:31:11
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:1034
Thursday,
Dec 10,2009 08:20:45
[DOS attack: Smurf] attack packets in last 20 sec from ip
[66.190.166.255],
Monday, Dec 07,2009 12:30:20
[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.2],
Monday, Dec 07,2009 12:23:20
[DOS attack: IP Spoof] attack packets in last 20 sec from ip
[192.168.0.2],
Monday, Dec 07,2009 10:53:12
[DOS attack: Smurf] attack packets in last 20 sec from ip [83.38.220.255],
Monday, Dec 07,2009 10:32:07
[DOS attack: Smurf] attack packets in last 20 sec from ip [94.209.67.255],
Monday, Dec 07,2009 09:56:18
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:5001 Monday,
Dec 07,2009 08:28:20
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1050 Monday,
Dec 07,2009 08:19:20
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:1034 Monday,
Dec 07,2009 08:18:07
[DOS attack: Smurf] attack packets in last 20 sec from ip [122.164.0.255],
Wednesday, Dec 02,2009 17:32:15
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.3:1096
Wednesday,
Dec 02,2009 09:14:50
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:5001
Wednesday,
Dec 02,2009 08:51:59
[LAN access from remote] from 77.67.22.172:20 to 192.168.0.4:1036
Wednesday,
Dec 02,2009 08:41:36


Une partie de ceux d'aujourd'hui:
LAN access from remote] from 213.154.165.242:12666 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:12
[LAN access from remote] from 195.46.32.153:61423 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:12
[LAN access from remote] from 92.243.181.142:40554 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:12
[LAN access from remote] from 92.243.167.170:39707 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:12
[LAN access from remote] from 78.84.176.152:55668 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:10
[LAN access from remote] from 208.29.186.116:35871 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:09
[LAN access from remote] from 82.243.97.51:1192 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:09
[LAN access from remote] from 84.52.25.102:56940 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:08
[LAN access from remote] from 85.27.133.89:1812 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:08
[LAN access from remote] from 79.116.130.21:36090 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:08
[LAN access from remote] from 89.112.70.27:25521 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:07
[LAN access from remote] from 70.68.121.43:45682 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:07
[LAN access from remote] from 87.228.47.70:33657 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:05
[LAN access from remote] from 79.146.230.157:23118 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:05
[LAN access from remote] from 94.195.89.31:15133 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:04
[LAN access from remote] from 195.158.233.113:12850 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:03
[LAN access from remote] from 90.11.154.145:9989 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:03:01
LAN access from remote] from 188.134.38.25:18684 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:56
[LAN access from remote] from 95.165.170.166:50901 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:55
[LAN access from remote] from 91.146.51.243:62099 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:54
[LAN access from remote] from 81.35.29.167:45682 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:54
[LAN access from remote] from 82.144.213.4:1204 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:54
[LAN access from remote] from 92.96.27.191:62520 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:54
[LAN access from remote] from 85.140.61.233:28260 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:53
[LAN access from remote] from 94.102.118.67:43075 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:53
[LAN access from remote] from 66.191.173.177:62601 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:53
[LAN access from remote] from 94.178.12.86:37741 to 192.168.0.3:43787
Wednesday, Dec 16,2009 19:01:51




___________________________________________________________________________
J'utilise le logiciel antispam Vade Retro (http://www.antispam.fr) pour
protéger ma messagerie des courriers indésirables.
Depuis son installation, Vade Retro a filtré 141 courriers indésirables
sur 1275 messages reçus.
Signaler un problème avec ce contenu

1 réponse

Supprimer
Cette action est irreversible, confirmez la suppression du commentaire ?
Signaler le commentaire

Veuillez sélectionner un problème

Nudité
Violence
Harcèlement
Fraude
Vente illégale
Discours haineux
Terrorisme
Autre
1 2
Avatar
Mylene
"Oliver One" a écrit dans le message de news:

Bonjour ou bonsoir à Mylene qui dans son message précédent a écrit :
Alors dans le routeur j'ai vu que UPnp (j'avais cochée Turn UPnP On) il
y a
actif en protocol TCP et UDP le port 43787 int port et ext port IP
192.168.0.3 donc mon portable



Donc il faut chercher sur le portable le soft qui a ouvert ces ports
automatiquement via l'UPnp, un client P2P par exemple.

--
Patience et longueur de temps font plus que force ni que rage
------------------------------
Olivier




Bonjour,

He bien il semble que le problème soit résolu, j'ai reconfiguré cette
histoire de NAT Filtering en secured au lieu de Open, supprimée le Turn
UPnP
et fait des recherches
sur ce port ouvert en permanence, Olivier m'ayant mis sur une bonne piste
,
et sur lequel (port) il y avait des tentatives de connections en
permanence
(c'etait vraiment sans arret meme la nuit et des IP d'un peu partout,
Russie, Espagne, Canada, USA etc..) j'ai trouvé un truc bizarre genre
utorent qui avait ouvert ce port. Perso jamais installée ce
genre de truc, par contre pour une amie je luis avais fait une clé USB
(Framakey) et il me semble que ce soft y était ajouté et qu'elle a du
l'utiliser en test sur le portable !

J'ai viré aussi, depuis ma connection ne rame plus, plus de pertes de
conection et plus d'alertes dans le routeur, je comprend mieux maintenant
les problèmes de conections !bon j'ai bien vu encore des attaques dos ,
smurf mais le routeur fait bien son boulot et c'est une de temps en temps
!

Dans le DMZ j'ai laissé vide donc une adreese propre :-)

Je vai s me repencher sur le Forwarding que j'avais pratiquée dejà pour
des BeeBox sinon cela ne fonctionnait pas.J'utilise également TVersity sur
les PC, TV Philips Media Manager que j'ai
aussi mis de coté, et la PS3 j'ai également laissé de coté vu que le Média
server fait cela admirablement bien. La Wii j'ai pas verifiée Il me semble
apres tests que les Live Messengers fonctionnent sans soucis alors
qu'avant
(sur les anciennes versions)il fallait que Turn UPnP soit
coché pour fonctionner.La ca me dit bien que je suis connecte a internet
par un dispositif NAT de restriction de ports non UPnP (Administrateur)
mais
ca a l'air de fonctionner correctement

Encore merci a tous pour vos réponses et votre patience



___________________________________________________________________________
J'utilise le logiciel antispam Vade Retro (http://www.antispam.fr) pour
protéger ma messagerie des courriers indésirables.
Depuis son installation, Vade Retro a filtré 325 courriers indésirables
sur 1528 messages reçus.
1 2