O que esse arquivo de log de roteador significa?

Navegue suas respostas
0

Eu estava apenas verificando os logs do roteador para ver que tipo de informação está armazenada e localizei este arquivo: 

"May 14 21:13:36  ","PING-FLOODING flooding attack from WAN (ip:89.170.246.114) detected."
"May 14 21:13:28  ","PING-FLOODING flooding attack from WAN (ip:89.170.246.114) detected."
"May 14 21:12:41  ","PING-FLOODING flooding attack from WAN (ip:77.1.237.165) detected."
"May 14 21:12:34  ","PING-FLOODING flooding attack from WAN (ip:77.1.237.165) detected."
"May 14 21:12:32  ","PING-FLOODING flooding attack from WAN (ip:90.50.156.104) detected."
"May 14 21:12:31  ","PING-FLOODING flooding attack from WAN (ip:77.1.237.165) detected."
"May 14 21:12:31  ","PING-FLOODING flooding attack from WAN (ip:190.164.165.139) detected."
"May 14 21:12:29  ","PING-FLOODING flooding attack from WAN (ip:90.50.156.104) detected."
"May 14 21:12:28  ","PING-FLOODING flooding attack from WAN (ip:190.164.165.139) detected."
"May 14 21:12:00  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 21:11:54  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 21:11:51  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 21:10:20  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 21:10:16  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 21:10:14  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 21:10:03  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 21:09:57  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 21:09:54  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 21:03:21  ","PING-FLOODING flooding attack from WAN (ip:88.167.57.184) detected."
"May 14 21:03:15  ","PING-FLOODING flooding attack from WAN (ip:88.167.57.184) detected."
"May 14 21:03:12  ","PING-FLOODING flooding attack from WAN (ip:88.167.57.184) detected."
"May 14 21:02:04  ","PING-FLOODING flooding attack from WAN (ip:62.87.233.44) detected."
"May 14 21:01:55  ","PING-FLOODING flooding attack from WAN (ip:62.87.233.44) detected."
"May 14 21:01:15  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 21:01:11  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 21:01:09  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 21:00:04  ","PING-FLOODING flooding attack from WAN (ip:84.193.34.126) detected."
"May 14 20:59:58  ","PING-FLOODING flooding attack from WAN (ip:84.193.34.126) detected."
"May 14 20:58:53  ","Xmas port scan attack from WAN (ip:85.230.107.60) detected."
"May 14 20:58:47  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 20:58:44  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 20:58:41  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 20:58:38  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 20:58:38  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 20:58:35  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 20:56:53  ","PING-FLOODING flooding attack from WAN (ip:138.38.187.151) detected."
"May 14 20:55:10  ","Xmas port scan attack from WAN (ip:85.230.107.60) detected."
"May 14 20:53:12  ","DHCP: Server sending ACK to 192.168.0.111. (Lease time = 86400)"
"May 14 20:53:12  ","DHCP: Server receive REQUEST from 70:54:d2:3b:b0:9f."
"May 14 20:52:55  ","PING-FLOODING flooding attack from N/A (ip:192.168.0.1) detected."
"May 14 20:52:07  ","PING-FLOODING flooding attack from N/A (ip:192.168.0.1) detected."
"May 14 20:52:05  ","DHCP: Client receive ACK from 195.130.132.103, IP=178.119.152.209, Lease time=7200."
"May 14 20:49:31  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 20:49:27  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 20:49:25  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 20:47:00  ","PING-FLOODING flooding attack from WAN (ip:188.155.203.92) detected."
"May 14 20:46:54  ","PING-FLOODING flooding attack from WAN (ip:188.155.203.92) detected."
"May 14 20:46:51  ","PING-FLOODING flooding attack from WAN (ip:188.155.203.92) detected."
"May 14 20:46:35  ","PING-FLOODING flooding attack from WAN (ip:84.198.77.152) detected."
"May 14 20:46:30  ","PING-FLOODING flooding attack from WAN (ip:84.198.77.152) detected."
"May 14 20:46:27  ","PING-FLOODING flooding attack from WAN (ip:84.198.77.152) detected."
"May 14 20:43:55  ","PING-FLOODING flooding attack from WAN (ip:72.69.2.75) detected."
"May 14 20:43:50  ","PING-FLOODING flooding attack from WAN (ip:72.69.2.75) detected."
"May 14 20:43:47  ","PING-FLOODING flooding attack from WAN (ip:72.69.2.75) detected."
"May 14 20:43:43  ","PING-FLOODING flooding attack from WAN (ip:90.162.112.218) detected."
"May 14 20:43:37  ","PING-FLOODING flooding attack from WAN (ip:90.162.112.218) detected."
"May 14 20:43:34  ","PING-FLOODING flooding attack from WAN (ip:90.162.112.218) detected."
"May 14 20:41:34  ","PING-FLOODING flooding attack from WAN (ip:109.72.37.191) detected."
"May 14 20:41:27  ","PING-FLOODING flooding attack from WAN (ip:109.72.37.191) detected."
"May 14 20:41:18  ","PING-FLOODING flooding attack from WAN (ip:84.193.34.126) detected."
"May 14 20:41:16  ","PING-FLOODING flooding attack from WAN (ip:88.165.2.242) detected."
"May 14 20:41:10  ","PING-FLOODING flooding attack from WAN (ip:88.165.2.242) detected."
"May 14 20:41:07  ","PING-FLOODING flooding attack from WAN (ip:88.165.2.242) detected."
"May 14 20:40:36  ","PING-FLOODING flooding attack from WAN (ip:95.90.39.85) detected."
"May 14 20:40:27  ","PING-FLOODING flooding attack from WAN (ip:95.90.39.85) detected."
"May 14 20:40:14  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 20:40:13  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 20:40:10  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 20:40:08  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 20:40:05  ","PING-FLOODING flooding attack from WAN (ip:81.164.108.34) detected."
"May 14 20:40:05  ","PING-FLOODING flooding attack from WAN (ip:178.119.213.62) detected."
"May 14 20:38:50  ","PING-FLOODING flooding attack from WAN (ip:78.94.76.158) detected."
"May 14 20:38:46  ","Xmas port scan attack from WAN (ip:85.230.178.204) detected."
"May 14 20:38:36  ","PING-FLOODING flooding attack from WAN (ip:90.42.202.97) detected."
"May 14 20:38:30  ","PING-FLOODING flooding attack from WAN (ip:90.42.202.97) detected."
"May 14 20:38:27  ","PING-FLOODING flooding attack from WAN (ip:90.42.202.97) detected."
"May 14 20:38:14  ","DHCP: Server sending ACK to 192.168.0.110. (Lease time = 86400)"
"May 14 20:38:14  ","DHCP: Server receive REQUEST from 00:0c:f6:be:d5:aa."
"May 14 20:37:43  ","PING-FLOODING flooding attack from WAN (ip:81.250.81.58) detected."
"May 14 20:37:37  ","PING-FLOODING flooding attack from WAN (ip:81.250.81.58) detected."
"May 14 20:37:31  ","PING-FLOODING flooding attack from WAN (ip:81.250.81.58) detected."
"May 14 20:37:23  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 20:37:19  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 20:37:17  ","PING-FLOODING flooding attack from WAN (ip:176.58.245.155) detected."
"May 14 20:37:00  ","PING-FLOODING flooding attack from WAN (ip:109.90.236.78) detected."
"May 14 20:36:54  ","PING-FLOODING flooding attack from WAN (ip:109.90.236.78) detected."
"May 14 20:36:53  ","Xmas port scan attack from WAN (ip:85.230.178.204) detected."
"May 14 20:36:51  ","PING-FLOODING flooding attack from WAN (ip:109.90.236.78) detected."
"May 14 20:34:23  ","PING-FLOODING flooding attack from WAN (ip:84.198.77.152) detected."
"May 14 20:34:23  ","PING-FLOODING flooding attack from WAN (ip:86.169.77.167) detected."
"May 14 20:34:21  ","Xmas port scan attack from WAN (ip:88.91.136.177) detected."
"May 14 20:34:17  ","PING-FLOODING flooding attack from WAN (ip:84.198.77.152) detected."
"May 14 20:34:14  ","PING-FLOODING flooding attack from WAN (ip:84.198.77.152) detected."
"May 14 20:33:56  ","Xmas port scan attack from WAN (ip:2.81.36.50) detected."
"May 14 20:32:20  ","PING-FLOODING flooding attack from WAN (ip:84.147.65.161) detected."

...

... e continua.

Isso é algum tipo de ataque de DDOS (duvido muito) ou é normal obter essa quantidade de solicitações de ping?

Eu mencionarei que nosso provedor de internet nos classificou como "grandes gastadores" e agora somos forçados a navegar em banda estreita pelo resto do mês. Pode ser uma pergunta estúpida, mas pelo menos eu vou aprender alguma coisa.

Obrigado.

    
por Simon 14.05.2013 / 22:25

1 resposta

0

Neste caso, parece ser exatamente o que diz ser. Se você enviar seus logs para o ISP, talvez faça com que você seja restabelecido na banda larga, já que claramente não é o tráfego que você deseja.

    
por 15.05.2013 / 19:14

Tags

Visio 2010 Organograma O Firewall está bloqueando a solicitação de eco na porta 7 (TCP)