DoS Attack: ACK Scan
Hallo, Ich habe nun schon seit einigen Tagen ein Problem:Mein System wir von Angriffen überflutet...... kann ich irgendwie was machen dass dies aufhört? Hier das Protokoll:[DoS attack: ACK Scan] from source: 23.0.174.42:80 Monday, May 04,2015 23:20:05[DoS attack: ACK Scan] from source: 31.13.84.4:443 Monday, May 04,2015 23:19:11[DoS attack: ACK Scan] from source: 54.243.220.57:80 Monday, May 04,2015 23:18:21[DoS attack: ACK Scan] from source: 54.243.220.57:80 Monday, May 04,2015 23:18:01[admin login] from source 192.168.0.13 Monday, May 04,2015 23:17:57[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 23:17:44[DoS attack: ACK Scan] from source: 77.109.171.48:443 Monday, May 04,2015 23:11:49[DoS attack: ACK Scan] from source: 77.109.171.48:443 Monday, May 04,2015 23:11:17[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 23:10:45[DoS attack: RST Scan] from source: 216.58.211.36:443 Monday, May 04,2015 23:06:00[DHCP IP: (192.168.0.2)] to MAC address 78:92:9C:45:AC:94 Monday, May 04,2015 23:04:49[DHCP IP: (192.168.0.7)] to MAC address 94:D7:71:8D:6D:93 Monday, May 04,2015 23:04:10[DoS attack: RST Scan] from source: 31.13.84.8:443 Monday, May 04,2015 23:01:18[DoS attack: ACK Scan] from source: 2.21.98.80:443 Monday, May 04,2015 22:57:30[DoS attack: ACK Scan] from source: 2.21.98.80:443 Monday, May 04,2015 22:57:01[DoS attack: ACK Scan] from source: 158.85.58.117:5222 Monday, May 04,2015 22:51:38[DoS attack: ACK Scan] from source: 158.85.58.117:5222 Monday, May 04,2015 22:50:34[DoS attack: ACK Scan] from source: 158.85.58.117:5222 Monday, May 04,2015 22:49:30[DoS attack: ACK Scan] from source: 158.85.58.117:5222 Monday, May 04,2015 22:48:26[DHCP IP: (192.168.0.19)] to MAC address 68:A0:F6:11:14:51 Monday, May 04,2015 22:47:59[DHCP IP: (192.168.0.19)] to MAC address 68:A0:F6:11:14:51 Monday, May 04,2015 22:47:59[DoS attack: ACK Scan] from source: 158.85.58.117:5222 Monday, May 04,2015 22:47:22[DoS attack: RST Scan] from source: 173.194.44.48:443 Monday, May 04,2015 22:46:58[DoS attack: ACK Scan] from source: 217.118.169.208:80 Monday, May 04,2015 22:46:17[DoS attack: ACK Scan] from source: 158.85.58.117:5222 Monday, May 04,2015 22:45:14[DoS attack: ACK Scan] from source: 217.118.169.208:80 Monday, May 04,2015 22:39:30[DoS attack: RST Scan] from source: 108.160.172.205:443 Monday, May 04,2015 22:38:21[DoS attack: RST Scan] from source: 216.58.211.4:443 Monday, May 04,2015 22:37:55[DoS attack: RST Scan] from source: 216.58.211.36:443 Monday, May 04,2015 22:31:20[DHCP IP: (192.168.0.9)] to MAC address 30:D6:C9:BE:A1:A9 Monday, May 04,2015 22:26:25[DoS attack: RST Scan] from source: 64.233.184.102:443 Monday, May 04,2015 22:25:09[DoS attack: RST Scan] from source: 184.173.195.61:443 Monday, May 04,2015 22:17:52[DoS attack: RST Scan] from source: 198.23.87.80:443 Monday, May 04,2015 22:12:50[DoS attack: RST Scan] from source: 31.13.84.8:443 Monday, May 04,2015 22:11:25[DHCP IP: (192.168.0.19)] to MAC address 68:A0:F6:11:14:51 Monday, May 04,2015 22:09:48[DHCP IP: (192.168.0.19)] to MAC address 68:A0:F6:11:14:51 Monday, May 04,2015 22:09:48[DoS attack: RST Scan] from source: 31.13.84.8:443 Monday, May 04,2015 22:09:13[DoS attack: ACK Scan] from source: 213.73.83.144:443 Monday, May 04,2015 22:09:08[DoS attack: RST Scan] from source: 31.13.84.8:443 Monday, May 04,2015 22:08:00[DoS attack: ACK Scan] from source: 192.99.200.98:25565 Monday, May 04,2015 22:04:52[DoS attack: RST Scan] from source: 31.13.84.8:443 Monday, May 04,2015 21:58:23[DoS attack: ACK Scan] from source: 31.13.84.8:443 Monday, May 04,2015 21:56:19[DoS attack: ACK Scan] from source: 31.13.84.8:443 Monday, May 04,2015 21:55:31[DoS attack: RST Scan] from source: 173.194.44.20:443 Monday, May 04,2015 21:55:04[DoS attack: ACK Scan] from source: 158.85.58.51:443 Monday, May 04,2015 21:44:26[DoS attack: ACK Scan] from source: 158.85.58.51:443 Monday, May 04,2015 21:43:22[DoS attack: ACK Scan] from source: 158.85.58.51:443 Monday, May 04,2015 21:42:18[DoS attack: ACK Scan] from source: 158.85.58.51:443 Monday, May 04,2015 21:41:14[DoS attack: ACK Scan] from source: 158.85.58.51:443 Monday, May 04,2015 21:39:06[DoS attack: ACK Scan] from source: 108.162.232.205:80 Monday, May 04,2015 21:34:11[DoS attack: ACK Scan] from source: 108.162.232.205:80 Monday, May 04,2015 21:33:39[DoS attack: ACK Scan] from source: 158.85.58.3:5222 Monday, May 04,2015 21:20:33[DHCP IP: (192.168.0.3)] to MAC address 54:EA:A8:CE:DD:C5 Monday, May 04,2015 21:19:10[DoS attack: ACK Scan] from source: 158.85.58.3:5222 Monday, May 04,2015 21:18:25[DoS attack: ACK Scan] from source: 158.85.58.3:5222 Monday, May 04,2015 21:16:17[DoS attack: ACK Scan] from source: 158.85.58.3:5222 Monday, May 04,2015 21:15:13[DoS attack: ACK Scan] from source: 158.85.58.3:5222 Monday, May 04,2015 21:14:09[DoS attack: ACK Scan] from source: 158.85.58.3:5222 Monday, May 04,2015 21:13:05[DoS attack: RST Scan] from source: 216.58.211.4:443 Monday, May 04,2015 21:11:09[DoS attack: ACK Scan] from source: 2.21.98.80:443 Monday, May 04,2015 20:59:50[DoS attack: ACK Scan] from source: 2.21.98.80:443 Monday, May 04,2015 20:59:20[DoS attack: RST Scan] from source: 173.194.44.17:443 Monday, May 04,2015 20:54:50[DoS attack: RST Scan] from source: 173.194.44.16:443 Monday, May 04,2015 20:50:34[DoS attack: RST Scan] from source: 216.58.209.174:443 Monday, May 04,2015 20:45:10[DoS attack: RST Scan] from source: 188.121.36.239:80 Monday, May 04,2015 20:43:20[DoS attack: RST Scan] from source: 2.20.182.114:80 Monday, May 04,2015 20:42:12[DHCP IP: (192.168.0.11)] to MAC address 00:22:75:B0:CC:33 Monday, May 04,2015 20:36:13[DoS attack: RST Scan] from source: 188.21.9.25:443 Monday, May 04,2015 20:33:26[DoS attack: RST Scan] from source: 173.194.44.49:443 Monday, May 04,2015 20:30:44[DoS attack: RST Scan] from source: 216.58.211.36:443 Monday, May 04,2015 20:26:39[DHCP IP: (192.168.0.4)] to MAC address 60:69:44:1F:67:77 Monday, May 04,2015 20:20:05[DoS attack: RST Scan] from source: 198.41.201.113:80 Monday, May 04,2015 20:19:28[DoS attack: RST Scan] from source: 216.58.209.194:443 Monday, May 04,2015 20:11:18[Time synchronized with NTP server time-g.netgear.com] Monday, May 04,2015 20:10:39[DoS attack: RST Scan] from source: 173.194.44.19:443 Monday, May 04,2015 20:10:37[UPnP set event:AddPortMapping] from source 192.168.0.13 Monday, May 04,2015 20:09:53[UPnP set event:AddPortMapping] from source 192.168.0.13 Monday, May 04,2015 20:09:52[UPnP set event:DeletePortMapping] from source 192.168.0.13 Monday, May 04,2015 20:09:51[UPnP set event:DeletePortMapping] from source 192.168.0.13 Monday, May 04,2015 20:09:50[Internet connected] IP address: 178.190.28.82 Monday, May 04,2015 20:09:42[Internet disconnected] Monday, May 04,2015 20:09:36[DHCP IP: (192.168.0.5)] to MAC address 90:18:7C:90:D5:1F Monday, May 04,2015 20:02:42[DoS attack: RST Scan] from source: 216.58.211.4:443 Monday, May 04,2015 19:53:39[DoS attack: RST Scan] from source: 216.58.211.4:443 Monday, May 04,2015 19:42:20[DoS attack: RST Scan] from source: 216.58.211.4:443 Monday, May 04,2015 19:32:27[DoS attack: RST Scan] from source: 216.58.211.36:443 Monday, May 04,2015 19:15:55[UPnP set event:AddPortMapping] from source 192.168.0.13 Monday, May 04,2015 19:04:48[UPnP set event:AddPortMapping] from source 192.168.0.13 Monday, May 04,2015 19:04:47[UPnP set event:DeletePortMapping] from source 192.168.0.13 Monday, May 04,2015 19:04:46[UPnP set event:DeletePortMapping] from source 192.168.0.13 Monday, May 04,2015 19:04:45[DHCP IP: (192.168.0.13)] to MAC address D0:50:99:32:7E:E7 Monday, May 04,2015 19:04:16[UPnP set event:DeletePortMapping] from source 192.168.0.2 Monday, May 04,2015 18:39:05[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:38:32[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:38:31[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:37:47[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:37:14[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:36:30[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:35:46[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:35:04[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:34:33[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:34:01[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:33:18[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:32:42[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:32:11[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:31:29[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:30:58[DHCP IP: (192.168.0.6)] to MAC address 20:D3:90:AD:AE:3C Monday, May 04,2015 18:30:30[DoS attack: RST Scan] from source: 74.125.195.95:443 Monday, May 04,2015 18:30:20[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:30:13[UPnP set event:AddPortMapping] from source 192.168.0.2 Monday, May 04,2015 18:29:38[DHCP IP: (192.168.0.5)] to MAC address 90:18:7C:90:D5:1F Monday, May 04,2015 18:29:03
Benutzerebene 7
+7
Da die Angriffe von unterschiedlichen IP-Adressen kommen, ist es wohl eine DDoS-Attacke. Da sie über mehr als 24 Stunden andauert, hast Du entweder:
1) Eine statische IP-Adresse
2) Einen dynamischen DNS-Namen
oder
3) Einen Trojaner, der Deine sich verändernde IP-Adresse immer wieder preisgibt.
Falls Du UPnP nicht benötigst, abdrehen.
Um festzustellen, ob es Lücken in der Firewall gibt:
http://www.heise.de/security/dienste/portscan/test/go.shtml?scanart=1
Zur Überprüfung von Punkt 3, falls keine statischeIP:
DynDNS, wenn eingerichtet, abdrehen, UPnP abdrehen, alle PCs, Handys etc vom Netz trennen, Router neu starten, mit einem PC, der sicher frei von Malware ist ins Netz verbinden und feststellen, ob die Angriffe noch kommen.
Vielleicht gibt es noch weitere Tipps von anderen usern, ansonsten: Hilfe durch Profis, was natürlich kostet.
Nachtrag: Falls Du online-Spieler bist: Es gibt auch Gegner, die durchaus in der Lage sind, Dich mit solchen Attacken "einzubremsen".
1) Eine statische IP-Adresse
2) Einen dynamischen DNS-Namen
oder
3) Einen Trojaner, der Deine sich verändernde IP-Adresse immer wieder preisgibt.
Falls Du UPnP nicht benötigst, abdrehen.
Um festzustellen, ob es Lücken in der Firewall gibt:
http://www.heise.de/security/dienste/portscan/test/go.shtml?scanart=1
Zur Überprüfung von Punkt 3, falls keine statischeIP:
DynDNS, wenn eingerichtet, abdrehen, UPnP abdrehen, alle PCs, Handys etc vom Netz trennen, Router neu starten, mit einem PC, der sicher frei von Malware ist ins Netz verbinden und feststellen, ob die Angriffe noch kommen.
Vielleicht gibt es noch weitere Tipps von anderen usern, ansonsten: Hilfe durch Profis, was natürlich kostet.
Nachtrag: Falls Du online-Spieler bist: Es gibt auch Gegner, die durchaus in der Lage sind, Dich mit solchen Attacken "einzubremsen".
Antworten
Nicht gefunden, wonach du suchst?
Nicht den Mut verlieren! Eröffne einfach ein neues Thema mit deiner Frage und hol dir die Antworten!
Neues Thema eröffnen
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.