Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Am I getting DOSed or something?
New Posts  All Forums:Forum Nav:

Am I getting DOSed or something?

post #1 of 20
Thread Starter 
Hey guys,

Just roaming through the router logs this fine evening and I see mulitple entries for LAN Access from remote and DOS:Storm stuff. I verified every other entry as I device I own (DHCP requests) Any ideas on what this is, or how to stop it? I've attached the log if that helps. Thanks!!!!

192.168.1.3 is my main windows 7 PC, and it seems to be running normally
Edited by fishman78 - 3/6/11 at 8:35pm
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
post #2 of 20
Do you have anything explicitly forwarded on that port?
Source is a Canadian IP with TekSavvy..
Waiting on X399
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II B57 @ X4 3.9 Gigabyte 790FXTA-UD5 Sapphire Radeon 290 8 GB G.Skill 2133 
Hard DriveCoolingOSKeyboard
250 GB 840 EVO Noctua NH-D14 Windows 10 Logitech K350 
PowerCaseMouseMouse Pad
Seasonic x750 Corsair 600T Logitech G100s Razer Goliathus Speed 
Audio
Plantronics Gamecom 788 
  hide details  
Reply
Waiting on X399
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II B57 @ X4 3.9 Gigabyte 790FXTA-UD5 Sapphire Radeon 290 8 GB G.Skill 2133 
Hard DriveCoolingOSKeyboard
250 GB 840 EVO Noctua NH-D14 Windows 10 Logitech K350 
PowerCaseMouseMouse Pad
Seasonic x750 Corsair 600T Logitech G100s Razer Goliathus Speed 
Audio
Plantronics Gamecom 788 
  hide details  
Reply
post #3 of 20
Thread Starter 
Quote:
Originally Posted by beers View Post
Do you have anything explicitly forwarded on that port?
Source is a Canadian IP with TekSavvy..
Nothing that I know of. Port forward table is empty. There is also another address from the Netherlands.... I have no idea what this is all about... Maybe a port scan??
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
post #4 of 20
Just went to the domain of the IP.

It's... Vonage. http://69.165.143.63/cgi-bin/webcm

I have no idea what is going on, but it looks to me like it's VoIP or something.
My System
(17 items)
 
  
CPUMotherboardGraphicsRAM
i5 3570k - 4.3 GHz ~1.16V ASRock Z77 Extreme4-M Gigabyte HD 7870 8GB G.Skill Sniper DDR3 1600 9-9-9-24 
Hard DriveHard DriveHard DriveCooling
Crucial M4 128GB WD Blue WD10EZEX 1TB WD Green WD5000AADS 500GB Hyper 212 EVO 
OSMonitorMonitorKeyboard
Windows 7 Crossover 27Q Dell SR2320L Logitech G510 
PowerCaseMouseMouse Pad
OCZ StealthXStream 2 600w HAF 912 Razer Deathadder 2013 Steelseries QcK Mini 
  hide details  
Reply
My System
(17 items)
 
  
CPUMotherboardGraphicsRAM
i5 3570k - 4.3 GHz ~1.16V ASRock Z77 Extreme4-M Gigabyte HD 7870 8GB G.Skill Sniper DDR3 1600 9-9-9-24 
Hard DriveHard DriveHard DriveCooling
Crucial M4 128GB WD Blue WD10EZEX 1TB WD Green WD5000AADS 500GB Hyper 212 EVO 
OSMonitorMonitorKeyboard
Windows 7 Crossover 27Q Dell SR2320L Logitech G510 
PowerCaseMouseMouse Pad
OCZ StealthXStream 2 600w HAF 912 Razer Deathadder 2013 Steelseries QcK Mini 
  hide details  
Reply
post #5 of 20
I dunno, but the person trying to connect has a VoIP phone. And the exchange is in Ottawa, Canada.
    
CPUMotherboardGraphicsGraphics
FX-8350 Asus Crosshair V MSI GTX460 Hawk 1gb MSI GTX460 Hawk 1gb 
RAMHard DriveHard DriveHard Drive
Kingston HyperX 8gb (2x4gb) Crucial M4 64GB Samsung F3 1TB Western Digital 320GB 
CoolingOSMonitorMonitor
Custom WC Windows 7 Ultimate X64 Dell E2311H Dell E2311H 
MonitorKeyboardPowerCase
LH 23EN43 Ducky Year of the Dragon 2012 SilverStone Strider 1000W-P Corsair 800D 
Audio
Asus Xonar Essence STX 
  hide details  
Reply
    
CPUMotherboardGraphicsGraphics
FX-8350 Asus Crosshair V MSI GTX460 Hawk 1gb MSI GTX460 Hawk 1gb 
RAMHard DriveHard DriveHard Drive
Kingston HyperX 8gb (2x4gb) Crucial M4 64GB Samsung F3 1TB Western Digital 320GB 
CoolingOSMonitorMonitor
Custom WC Windows 7 Ultimate X64 Dell E2311H Dell E2311H 
MonitorKeyboardPowerCase
LH 23EN43 Ducky Year of the Dragon 2012 SilverStone Strider 1000W-P Corsair 800D 
Audio
Asus Xonar Essence STX 
  hide details  
Reply
post #6 of 20
Thread Starter 
The three main IPs out of the log that I see are:

69.165.143.63
99.234.152.123
72.51.40.200
all different port numbers....
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
post #7 of 20
I highly doubt someone will be trying to DDoS your homes internet.... For no reason...
post #8 of 20
Thread Starter 
Quote:
Originally Posted by mbudden View Post
I highly doubt someone will be trying to DDoS your homes internet.... For no reason...
While I agree with you, the log still makes me worried as I don't know what up with the entires.
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Core i7 3820 @ 4.3GHz Gigabyte x79-UD3 MSI GTX 570 4x4GB Corsair Vengeance - Quad Channel 
Hard DriveHard DriveOptical DriveCooling
256GB Vertex 4 Seagate 1 TB 7200 RMP LG Multi Corsair H100 
OSMonitorKeyboardPower
Windows 7 Ultimate 64bit BenQ GW2750 Razer BlackWidow Tournament 10 key less Corsair 850AX 
CaseMouseMouse PadAudio
Obsidian 800D G500 XFX WarPad OMB 
  hide details  
Reply
post #9 of 20
Quote:
Originally Posted by fishman78 View Post
The three main IPs out of the log that I see are:

69.165.143.63
99.234.152.123
72.51.40.200
all different port numbers....
Its like a reverse portscan
    
CPUMotherboardGraphicsGraphics
FX-8350 Asus Crosshair V MSI GTX460 Hawk 1gb MSI GTX460 Hawk 1gb 
RAMHard DriveHard DriveHard Drive
Kingston HyperX 8gb (2x4gb) Crucial M4 64GB Samsung F3 1TB Western Digital 320GB 
CoolingOSMonitorMonitor
Custom WC Windows 7 Ultimate X64 Dell E2311H Dell E2311H 
MonitorKeyboardPowerCase
LH 23EN43 Ducky Year of the Dragon 2012 SilverStone Strider 1000W-P Corsair 800D 
Audio
Asus Xonar Essence STX 
  hide details  
Reply
    
CPUMotherboardGraphicsGraphics
FX-8350 Asus Crosshair V MSI GTX460 Hawk 1gb MSI GTX460 Hawk 1gb 
RAMHard DriveHard DriveHard Drive
Kingston HyperX 8gb (2x4gb) Crucial M4 64GB Samsung F3 1TB Western Digital 320GB 
CoolingOSMonitorMonitor
Custom WC Windows 7 Ultimate X64 Dell E2311H Dell E2311H 
MonitorKeyboardPowerCase
LH 23EN43 Ducky Year of the Dragon 2012 SilverStone Strider 1000W-P Corsair 800D 
Audio
Asus Xonar Essence STX 
  hide details  
Reply
post #10 of 20
I'm probably speaking out of my mind here, but on the main PC (192.168.1.3) if you type in netstat -a does it show connections from that address?

I'll also assume you've shut down everything that you believe uses the network... I saw something suspicious one from "FriendFinder" or whatever and it just happened to be my chat client
    
CPUMotherboardGraphicsRAM
Athlon 64 3800+ (single core) Asus A8V-VM nVidia 7300GT 1024MB DDR 
Hard DriveOSPower
250GB Windows XP SP3 TPN-650 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Athlon 64 3800+ (single core) Asus A8V-VM nVidia 7300GT 1024MB DDR 
Hard DriveOSPower
250GB Windows XP SP3 TPN-650 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Am I getting DOSed or something?