V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
LZWDRWEB
V2EX  ›  问与答

网件路由器日志里发现许多 DoS attack: ACK Scan,问一下有遇到相同情况的吗?

  •  
  •   LZWDRWEB · 2020-04-23 21:08:50 +08:00 · 2399 次点击
    这是一个创建于 1675 天前的主题,其中的信息可能已经有所发展或是发生改变。
    日志


    [Admin login] from source 10.0.0.2, Thursday, Apr 23,2020 15:17:33
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Thursday, Apr 23,2020 14:13:56
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Thursday, Apr 23,2020 14:13:37
    [Time synchronized with NTP server] Thursday, Apr 23,2020 14:01:08
    [Internet connected] IP address: 27.205.206.1, Thursday, Apr 23,2020 14:01:07
    [Internet disconnected] Thursday, Apr 23,2020 13:58:58
    [UPnP set event: Public_UPNP_C3] from source 10.0.0.2, Thursday, Apr 23,2020 13:41:18
    [UPnP set event: Public_UPNP_C3] from source 10.0.0.2, Thursday, Apr 23,2020 13:32:42
    [UPnP set event: Public_UPNP_C3] from source 10.0.0.2, Thursday, Apr 23,2020 13:12:33
    [DoS attack: ACK Scan] (13) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 12:54:14
    [DoS attack: ACK Scan] (12) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 12:53:53
    [DoS attack: ACK Scan] (13) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 12:53:32
    [DoS attack: ACK Scan] (1) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 12:53:11
    [UPnP set event: Public_UPNP_C3] from source 10.0.0.2, Thursday, Apr 23,2020 12:52:22
    [DHCP IP: (10.0.0.7)] to MAC address A4:08:EA:02:8F:60, Thursday, Apr 23,2020 11:39:22
    [UPnP set event: Public_UPNP_C3] from source 10.0.0.3, Thursday, Apr 23,2020 11:34:30
    [DoS attack: ACK Scan] (5) attack packets in last 20 sec from ip [115.231.230.175], Thursday, Apr 23,2020 11:33:27
    [Admin login] from source 10.0.0.3, Thursday, Apr 23,2020 11:24:42
    [DoS attack: ACK Scan] (5) attack packets in last 20 sec from ip [115.231.230.175], Thursday, Apr 23,2020 11:21:35
    [DoS attack: ACK Scan] (5) attack packets in last 20 sec from ip [115.231.230.175], Thursday, Apr 23,2020 11:21:14
    [DoS attack: ACK Scan] (6) attack packets in last 20 sec from ip [115.231.230.175], Thursday, Apr 23,2020 11:20:50
    [DoS attack: ACK Scan] (6) attack packets in last 20 sec from ip [115.231.230.175], Thursday, Apr 23,2020 11:20:25
    [DoS attack: ACK Scan] (6) attack packets in last 20 sec from ip [115.231.230.175], Thursday, Apr 23,2020 11:19:59
    [DoS attack: ACK Scan] (1) attack packets in last 20 sec from ip [115.231.230.175], Thursday, Apr 23,2020 11:19:35
    [DoS attack: ACK Scan] (7) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 10:50:39
    [DoS attack: ACK Scan] (13) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 10:50:17
    [DoS attack: ACK Scan] (14) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 10:49:54
    [UPnP set event: Public_UPNP_C3] from source 10.0.0.6, Thursday, Apr 23,2020 10:49:41
    [DoS attack: ACK Scan] (1) attack packets in last 20 sec from ip [156.238.187.89], Thursday, Apr 23,2020 10:49:33
    [DHCP IP: (10.0.0.6)] to MAC address A8:9C:ED:B3:AE:CE, Thursday, Apr 23,2020 10:36:04
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Thursday, Apr 23,2020 10:24:19
    [Admin login] from source 10.0.0.2, Thursday, Apr 23,2020 10:14:41
    [DHCP IP: (10.0.0.2)] to MAC address 00:D8:61:71:1E:63, Thursday, Apr 23,2020 10:05:00
    [DHCP IP: (10.0.0.4)] to MAC address D8:32:E3:00:1D:5F, Thursday, Apr 23,2020 10:03:10
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Thursday, Apr 23,2020 10:01:58
    [Admin login] from source 10.0.0.3, Thursday, Apr 23,2020 09:58:48
    [Admin login] from source 10.0.0.3, Thursday, Apr 23,2020 09:26:28
    [DHCP IP: (10.0.0.4)] to MAC address D8:32:E3:00:1D:5F, Thursday, Apr 23,2020 09:06:44
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Thursday, Apr 23,2020 09:03:57
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Thursday, Apr 23,2020 09:03:40
    [Admin login] from source 10.0.0.3, Thursday, Apr 23,2020 09:02:41
    [Admin login] from source 10.0.0.3, Thursday, Apr 23,2020 09:01:59
    [DHCP IP: (10.0.0.5)] to MAC address E4:05:F8:00:79:47, Thursday, Apr 23,2020 07:21:07
    [DHCP IP: (10.0.0.4)] to MAC address D8:32:E3:00:1D:5F, Thursday, Apr 23,2020 05:25:26
    [DHCP IP: (10.0.0.6)] to MAC address A8:9C:ED:B3:AE:CE, Thursday, Apr 23,2020 05:23:24
    [DHCP IP: (10.0.0.5)] to MAC address E4:05:F8:00:79:47, Thursday, Apr 23,2020 05:18:21
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Thursday, Apr 23,2020 02:15:53
    [Admin login] from source 10.0.0.3, Thursday, Apr 23,2020 01:03:24
    [DoS attack: ACK Scan] (2) attack packets in last 20 sec from ip [51.75.174.237], Thursday, Apr 23,2020 00:24:00
    [DoS attack: ACK Scan] (1) attack packets in last 20 sec from ip [54.39.193.190], Thursday, Apr 23,2020 00:23:56
    [DoS attack: ACK Scan] (1) attack packets in last 20 sec from ip [109.94.169.105], Thursday, Apr 23,2020 00:23:32
    [DoS attack: ACK Scan] (1) attack packets in last 20 sec from ip [51.75.174.237], Thursday, Apr 23,2020 00:22:21
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Wednesday, Apr 22,2020 23:05:30
    [Admin login] from source 10.0.0.2, Wednesday, Apr 22,2020 23:02:43
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Wednesday, Apr 22,2020 22:52:10
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Wednesday, Apr 22,2020 22:20:13
    [Admin login] from source 10.0.0.3, Wednesday, Apr 22,2020 22:17:28
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Wednesday, Apr 22,2020 22:15:47
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Wednesday, Apr 22,2020 22:04:21
    [Admin login] from source 10.0.0.2, Wednesday, Apr 22,2020 21:48:35
    [Time synchronized with NTP server] Wednesday, Apr 22,2020 21:46:55
    [Internet connected] IP address: 218.57.168.191, Wednesday, Apr 22,2020 21:46:55
    [Internet disconnected] Wednesday, Apr 22,2020 21:46:44
    [Admin login] from source 10.0.0.2, Wednesday, Apr 22,2020 21:27:07
    [DHCP IP: (10.0.0.6)] to MAC address A8:9C:ED:B3:AE:CE, Wednesday, Apr 22,2020 21:24:17
    [DHCP IP: (10.0.0.4)] to MAC address D8:32:E3:00:1D:5F, Wednesday, Apr 22,2020 21:24:04
    [DHCP IP: (10.0.0.5)] to MAC address E4:05:F8:00:79:47, Wednesday, Apr 22,2020 21:21:12
    [DHCP IP: (10.0.0.4)] to MAC address E4:05:F8:00:79:47, Wednesday, Apr 22,2020 21:20:57
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Wednesday, Apr 22,2020 21:19:03
    [DHCP IP: (10.0.0.3)] to MAC address B8:7B:C5:C7:58:D6, Wednesday, Apr 22,2020 21:17:24
    [Admin login] from source 10.0.0.2, Wednesday, Apr 22,2020 21:14:16
    [Admin login] from source 10.0.0.2, Wednesday, Apr 22,2020 21:13:23
    [Time synchronized with NTP server] Wednesday, Apr 22,2020 21:13:05
    [Internet connected] IP address: 39.69.50.20, Saturday, Feb 08,2020 01:37:17
    [DHCP IP: (10.0.0.2)] to MAC address 00:D8:61:71:1E:63, Saturday, Feb 08,2020 01:37:03
    [Initialized, firmware version: V1.0.11.100] Saturday, Feb 08,2020 01:37:03
    [Internet disconnected] Wednesday, Apr 22,2020 21:12:16
    [Time synchronized with NTP server] Wednesday, Apr 22,2020 21:12:11
    [Internet connected] IP address: 119.190.114.190, Wednesday, Apr 22,2020 21:12:11
    [Initialized, firmware version: V1.0.11.100] Wednesday, Apr 22,2020 21:12:01
    [Admin login] from source 192.168.1.2, Wednesday, Sep 01,2021 23:38:11
    [DoS attack: IP Spoof] (2) attack packets in last 20 sec from ip [192.168.1.1], Wednesday, Sep 01,2021 23:36:22
    [DoS attack: IP Spoof] (1) attack packets in last 20 sec from ip [192.168.1.1], Wednesday, Sep 01,2021 23:35:40
    [Internet connected] IP address: 192.168.1.63, Wednesday, Sep 01,2021 23:35:34
    [Internet disconnected] Wednesday, Sep 01,2021 23:35:30
    [DHCP IP: (192.168.1.2)] to MAC address 00:D8:61:71:1E:63, Wednesday, Sep 01,2021 23:35:24
    [Initialized, firmware version: V1.0.11.100] Wednesday, Sep 01,2021 23:35:14
    2 条回复    2020-04-23 21:26:58 +08:00
    ifxo
        1
    ifxo  
       2020-04-23 21:20:19 +08:00
    用迅雷了吗,好像就是这样
    LZWDRWEB
        2
    LZWDRWEB  
    OP
       2020-04-23 21:26:58 +08:00
    @ifxo 有用,但是没有后台
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2438 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 27ms · UTC 02:18 · PVG 10:18 · LAX 18:18 · JFK 21:18
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.