Neil72
12-11-2005, 23:03
Ciao raga, in merito ai problemi del mulo, mi sono preso il tempo di fare un log :D con l'utility del mio router (draytec 2600), avendo abilitato tutto il sistema firewall(dos defense ecc. ecc. ecc.) vi posto un log fatto circa un'ora fa per vedere se riusciamo a capire che pacchetti, arrivano con il ns provider libero :grrr: :grrr: ,151.37.217.xxx in merito all'uso del mulo, io purtroppo in merito al log sotto non sono molto ferrato :mc:
Potete distinguere un pc con ip finale x, e un pc con ip finale y, in rete tramite uno switch della d-link.
134 Nov 13 21:10:54 Vigor DoS udp_flood Block(10s) 83.184.223.174,4672 -> 151.37.217.xxx,12521 PR udp len 20 34
134 Nov 13 21:11:17 Vigor DoS udp_flood Block(10s) 84.110.74.18,11 -> 151.37.217.xxx,4673 PR udp len 20 147
134 Nov 13 21:12:30 Vigor DoS udp_flood Block(10s) 82.49.133.45,4672 -> 151.37.217.xxx,12521 PR udp len 20 34
134 Nov 13 21:12:47 Vigor DoS syn_flood Block(10s) 151.30.213.175,3531 -> 151.37.217.xxx,4663 PR tcp len 20 48 -S 2024698901 0
134 Nov 13 21:12:59 Vigor DoS icmp_flood Block(10s) 82.54.82.107 -> 151.37.217.xxx PR icmp len 20 88 icmp 3/3
134 Nov 13 21:13:09 Vigor DoS udp_flood Block(10s) 213.98.222.111,11697 -> 151.37.217.xxx,4673 PR udp len 20 122
134 Nov 13 21:13:44 Vigor DoS udp_flood Block(10s) 83.47.66.207,14369 -> 151.37.217.xxx,4673 PR udp len 20 63
134 Nov 13 21:14:14 Vigor DoS udp_flood Block(10s) 80.230.3.25,6672 -> 151.37.217.xxx,4673 PR udp len 20 147
134 Nov 13 21:14:43 Vigor DoS udp_flood Block(10s) 81.220.24.129,4672 -> 151.37.217.xxx,4673 PR udp len 20 147
150 Nov 13 21:14:22 Vigor Local User: 192.168.1.x:12521 -> 87.3.183.246:21090 (UDP)
150 Nov 13 21:14:22 Vigor Open port: 84.222.146.181:4936 -> 192.168.1.x:12520 (TCP)
150 Nov 13 21:14:22 Vigor Local User: 192.168.1.x:1470 -> 151.46.9.132:4662 (TCP) close connection
150 Nov 13 21:14:22 Vigor Open port: 151.52.5.88:4672 -> 192.168.1.y:4673 (UDP)
150 Nov 13 21:14:23 Vigor Local User: 192.168.1.x:1465 -> 84.222.11.240:4662 (TCP) close connection
150 Nov 13 21:14:23 Vigor Local User: 192.168.1.x:1532 -> 82.54.86.178:4662 (TCP)
Se qualche informatico in gamba possa illuminarmi, lo ringrazio anticipatamente, anche a nome di chi come me usa (libero )
Potete distinguere un pc con ip finale x, e un pc con ip finale y, in rete tramite uno switch della d-link.
134 Nov 13 21:10:54 Vigor DoS udp_flood Block(10s) 83.184.223.174,4672 -> 151.37.217.xxx,12521 PR udp len 20 34
134 Nov 13 21:11:17 Vigor DoS udp_flood Block(10s) 84.110.74.18,11 -> 151.37.217.xxx,4673 PR udp len 20 147
134 Nov 13 21:12:30 Vigor DoS udp_flood Block(10s) 82.49.133.45,4672 -> 151.37.217.xxx,12521 PR udp len 20 34
134 Nov 13 21:12:47 Vigor DoS syn_flood Block(10s) 151.30.213.175,3531 -> 151.37.217.xxx,4663 PR tcp len 20 48 -S 2024698901 0
134 Nov 13 21:12:59 Vigor DoS icmp_flood Block(10s) 82.54.82.107 -> 151.37.217.xxx PR icmp len 20 88 icmp 3/3
134 Nov 13 21:13:09 Vigor DoS udp_flood Block(10s) 213.98.222.111,11697 -> 151.37.217.xxx,4673 PR udp len 20 122
134 Nov 13 21:13:44 Vigor DoS udp_flood Block(10s) 83.47.66.207,14369 -> 151.37.217.xxx,4673 PR udp len 20 63
134 Nov 13 21:14:14 Vigor DoS udp_flood Block(10s) 80.230.3.25,6672 -> 151.37.217.xxx,4673 PR udp len 20 147
134 Nov 13 21:14:43 Vigor DoS udp_flood Block(10s) 81.220.24.129,4672 -> 151.37.217.xxx,4673 PR udp len 20 147
150 Nov 13 21:14:22 Vigor Local User: 192.168.1.x:12521 -> 87.3.183.246:21090 (UDP)
150 Nov 13 21:14:22 Vigor Open port: 84.222.146.181:4936 -> 192.168.1.x:12520 (TCP)
150 Nov 13 21:14:22 Vigor Local User: 192.168.1.x:1470 -> 151.46.9.132:4662 (TCP) close connection
150 Nov 13 21:14:22 Vigor Open port: 151.52.5.88:4672 -> 192.168.1.y:4673 (UDP)
150 Nov 13 21:14:23 Vigor Local User: 192.168.1.x:1465 -> 84.222.11.240:4662 (TCP) close connection
150 Nov 13 21:14:23 Vigor Local User: 192.168.1.x:1532 -> 82.54.86.178:4662 (TCP)
Se qualche informatico in gamba possa illuminarmi, lo ringrazio anticipatamente, anche a nome di chi come me usa (libero )