[Durham] big increase in firewall alerts
Dougie Nisbet
dougie at highmoor.co.uk
Mon Oct 6 06:29:44 UTC 2014
Not really Linux related but seeing huge increase in firewall alerts from my router. Started yesterday afternoon. The source IP varies. Anyone else noticed an increase in activity?
2014/10/06 06:18:38 -- [DOS][Block][tcp_flag, scanner=xmas_scan][195.5.177.162:0->82.71.45.75:0][TCP][HLen=20, TLen=60, Flag=UPAF, Seq=1540996429, Ack=0, Win=6667]
2014/10/06 06:19:00 -- [DOS][Block][tcp_flag, scanner=syn_rst][188.226.164.184:0->82.71.45.75:0][TCP][HLen=20, TLen=60, Flag=USR, Seq=1578576465, Ack=0, Win=6667]
2014/10/06 06:20:51 -- [DOS][Block][tcp_flag, scanner=fin_wo_ack][85.133.23.50:0->82.71.45.75:0][TCP][HLen=20, TLen=60, Flag=USRF, Seq=1054004090, Ack=0, Win=6667]
2014/10/06 06:21:10 -- [DOS][Block][tcp_flag, scanner=psh_wo_ack][82.222.7.139:0->82.71.45.75:0][TCP][HLen=20, TLen=60, Flag=URP, Seq=1578576465, Ack=0, Win=6667]
2014/10/06 06:23:19 -- [DOS][Block][tcp_flag, scanner=fin_wo_ack][31.6.70.100:0->82.71.45.75:0][TCP][HLen=20, TLen=60, Flag=PF, Seq=3233450190, Ack=0, Win=6667]
More information about the Durham
mailing list