ComputerBase Menü
Aktuelles

Fast jeden Tag 100 Angriffe?

B

bOsE

Lieutenant
Registriert
Mai 2003
Beiträge
1.016
Hi.
Fast täglich zeichnet meine Router-Firewall (RP614) irgendwelche Attacken auf.
Ich nehme mal stark an, dass ich deshalb laufend Abbrüche habe.
Heute hatte ich nur ein paar und schon den ganzen Tag blieb das Inet stabil.
Ich habe aber nichts anderes gemacht, kann also nicht sagen wieso heute nicht.

Hier mal das Log nur von Heute.
Könnt ihr mal sagen wie ich das abstellen kann?
Vielleicht hängt es von der IP ab, wann die Attacken kommen?

Code: 
Thursday,08 Nov 2007 00:10:45 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 00:19:01 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 00:19:01 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 00:19:01 [ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 00:19:03 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 00:19:05 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 00:33:02 Authentication successful for admin from 192.168.1.2
Thursday,08 Nov 2007 01:37:36 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 01:37:42 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 01:37:54 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 01:38:18 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 01:38:18 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 01:39:06 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 02:18:41 [TCP Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 02:50:46 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 02:50:50 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 02:50:57 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 02:51:12 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 02:51:41 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 02:52:39 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 03:18:05 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 03:18:08 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 03:18:14 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 03:18:15 Authentication successful for admin from 192.168.1.2
Thursday,08 Nov 2007 03:18:26 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 04:39:00 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 04:39:04 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 04:39:14 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 04:39:33 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 04:40:11 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 04:55:46 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 04:55:50 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:01:47 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:01:50 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:01:56 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:02:08 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:02:32 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:03:20 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:19:08 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:19:11 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:19:17 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:19:29 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:31:56 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:32:03 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:32:15 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:32:40 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 05:33:31 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 06:22:47 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 06:22:50 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 06:22:56 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 06:23:09 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 06:23:35 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 07:30:43 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 09:35:55 [TCP Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:22:13 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:22:13 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:22:16 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:22:22 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:22:34 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:22:58 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:23:13 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 10:23:46 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 11:45:30 [TCP Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 12:36:37 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 12:36:38 [TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 16:32:40 [TCP SYN Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 17:22:33 [TCP SYN Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:15:59 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:15:59 [TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:15:59 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:01 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:01 [TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:02 [TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:02 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:03 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:08 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:17 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:16:36 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:17:13 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:24:35 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 18:24:35 [ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 20:28:38 [TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 21:41:41 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 21:41:46 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 21:42:14 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 21:42:51 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 21:49:40 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:19:42 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:19:49 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:20:01 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:20:27 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:21:18 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:14 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:17 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:18 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:19 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:20 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:21 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:23 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 22:24:24 [HOST Attack: ICMP Flood][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:24:58 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:25:00 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:25:04 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:25:12 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:25:28 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:46:19 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:46:25 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:46:37 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:47:02 [IP Spoofing][Deny access policy matched, dropping packet] 
Thursday,08 Nov 2007 23:47:52 [IP Spoofing][Deny access policy matched, dropping packet]
 
Meinst Du wirklich da hat es jemand genau auf Dich abgesehen?
Irgendwelche Script-Kiddies scannen IP-Ranges oder irgendwelche Zombie-Netze scannen.
Da würd ich mir gar kein Kopf machen.
Wenn Du Abbrüche hast, dann hast Du nen Hardware-Problem. Und zwar bei Dir oder von Deinem Provider aus.
 
Ich kämpfe schon seit Wochen mit den Abbrüchen, aber da habe ich ein anderen Thread zu.
Nur kurz gesagt... 2 Router, 4 Modem, 2 Splitter, andere Kabel wurden getestet und Provider sieht keine Abbrüche.
Es muss also auf den Weg zu Modem, Splitter, Router sein.
Ich schreibe es nicht in meinem anderen Thread, weil es dann völlig unübersichtlich wird.

Es kann kein Zufall sein.
Hier mal das Log von Heute
Code: 
Friday,09 Nov 2007 00:59:55 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Friday,09 Nov 2007 16:57:13 [TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Friday,09 Nov 2007 16:57:13 [HOST Attack: TCP Stealth FIN Port Scan][Deny access policy matched, dropping packet] 
Friday,09 Nov 2007 20:02:52 [HOST Attack: TCP SYN Flood][Deny access policy matched, dropping packet]
Und Verbindung hält seit genau 14 Uhr... das ist echt ne Ausnahme.
Wenn es nur alle 3 Stunden mal abbricht würde ich mich zufrieden geben.
Router erkennt die Abbrüche auch garnicht...
Aber wie gesagt, hier bitte nur über die Attacken reden ;)

Kann man was dagegen machen?
Oder ist es völlig ausgeschlossen, das solche Attacken die Verbindung stören können?
 
Naja die TCP SYN Flood könnte ein Problem werden da wird der Empfänger mit soviel Connect Abfragen überschüttet bis er nicht mehr hinter her kommt die Anfragen zu beantworten aber da dein Router sicherlich nicht auf die Anfragen reagiert sollte das eigentlich auch kein Problem darstellen.Der Rest sind verschiedene Portscanmethoden.
 
Hast Du denn ne Statische IP?
Ansonsten wären Angriffe auf eine dynamische IP ja (falls kein Server-Dienst läuft oder irgend was anderes die dynamische IP auflöst) völlig willkürlich.
 
Nein, ich habe keine Statische, also passiert es willkürlich (anscheinend)
Die Frage ist ja, wie kann ich es stoppen.
Da es die Firewall erfasst hat, wurd es wohl auch gestoppt, aber irgendwie scheint es doch noch irgendwie mit den Abbrüchen zusammen hängen.

Ich bin aber dennoch mal gespannt wann der erste Abbruch kommt und was dann im Log steht.
 
Solange keine Server-Dienste bei Dir laufen die jemandem anderes Deine IP mitteilen ....
 
Du musst dich einloggen oder registrieren, um hier zu antworten.

Ähnliche Themen

F
Fast jeden Tag ein BSOD
2
Antworten
21
Aufrufe
3.209
RayBlue
R
Zurück
Oben

Willkommen auf ComputerBase!

Mit Werbung weiterlesen

Besuche ComputerBase wie gewohnt mit Werbung und Tracking. Die Zustimmung ist jederzeit widerrufbar.

Details im Privacy Center und in der Liste unserer Partner. Ein Widerruf ist möglich in der Datenschutzerklärung.

… oder ComputerBase Pro bestellen

Nutze ComputerBase ohne Werbebanner, Video-Ads und Werbetracking schon für 4 €/Monat oder 36 €/Jahr.

Mehr zu ComputerBase Pro

Bereits Pro-Nutzer? Hier anmelden.

Tracking: Wir und unsere 170 Partner verarbeiten personenbezogene Daten, indem wir mit auf Ihrem Gerät gespeicherten Informationen (z. B. eindeutige Kennungen in Cookies) ein Nutzungsprofil erstellen, um z. B. Anzeigen zu personalisieren. Verarbeitungszwecke: Genaue Standortdaten und Abfrage von Geräteeigenschaften zur Identifikation, Informationen auf einem Gerät speichern und/oder abrufen, Personalisierte Anzeigen und Inhalte, Anzeigen- und Inhaltsmessungen, Erkenntnisse über Zielgruppen und Produktentwicklungen.

Impressum Kontakt Datenschutz