TechTalkz.com Logo Ask the Experts!

Go Back   TechTalkz.com Technology & Computer Troubleshooting Forums > Tech Support Archives > Security > Firewall

Advice on router security alert?

Firewall

 
Reply
Thread Tools Display Modes
Unread 08-12-2007, 01:39 AM   #1
martin_pentreath@hotmail.com
Guest
 
Posts: n/a
Advice on router security alert?

Hi,

I'm based in the UK running Windows XP. My netgear router has sent me
the following "security alert" email:

UDP Packet - Source:67.159.44.180,4237 Destination:83.245.16.37,1025 -
[DOS]UDP Packet - Source:67.159.44.106,4237 Destination:
83.245.16.37,1025 - [DOS]UDP Packet - Source:67.159.44.180,4237
Destination:83.245.16.37,1025 - [DOS]UDP Packet - Source:
67.159.44.106,4237 Destination:83.245.16.37,1025 - [DOS]UDP Packet -
Source:67.159.44.180,4237 Destination:83.245.16.37,1025 - [DOS]UDP
Packet - Source:67.159.44.106,4237 Destination:83.245.16.37,1025 -
[DOS]UDP Packet - Source:212.58.227.104,21922 Destination:
83.245.16.37,6970 - [DOS]


I've looked up the IP addresses and found the following:

===============================
Search ARIN WHOIS for: 67.159.44.106

OrgName: FDC Servers.net, LLC
OrgID: FDCSE
Address: 141 West Jackson Blvd, Suite 1135
City: Chicago
StateProv: IL
PostalCode: 60604
Country: US

======================================
Search ARIN WHOIS for: 212.58.227.104

OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
====================================

So what does this mean??





Sponsored Links
  Reply With Quote
Unread 08-12-2007, 01:39 AM   #2
Ansgar -59cobalt- Wiechers
Guest
 
Posts: n/a
Re: Advice on router security alert?

Sponsored Links
martin_pentreath************* wrote:
> I'm based in the UK running Windows XP. My netgear router has sent me
> the following "security alert" email:
>
> UDP Packet - Source:67.159.44.180,4237 Destination:83.245.16.37,1025 - [DOS]
> UDP Packet - Source:67.159.44.106,4237 Destination:83.245.16.37,1025 - [DOS]
> UDP Packet - Source:67.159.44.180,4237 Destination:83.245.16.37,1025 - [DOS]
> UDP Packet - Source:67.159.44.106,4237 Destination:83.245.16.37,1025 - [DOS]
> UDP Packet - Source:67.159.44.180,4237 Destination:83.245.16.37,1025 - [DOS]
> UDP Packet - Source:67.159.44.106,4237 Destination:83.245.16.37,1025 - [DOS]
> UDP Packet - Source:212.58.227.104,21922 Destination: 83.245.16.37,6970 - [DOS]
>
>
> I've looked up the IP addresses and found the following:
>
> ===============================
> Search ARIN WHOIS for: 67.159.44.106
>
> OrgName: FDC Servers.net, LLC
> OrgID: FDCSE
> Address: 141 West Jackson Blvd, Suite 1135
> City: Chicago
> StateProv: IL
> PostalCode: 60604
> Country: US
>
> ======================================
> Search ARIN WHOIS for: 212.58.227.104
>
> OrgName: RIPE Network Coordination Centre
> OrgID: RIPE
> Address: P.O. Box 10096
> City: Amsterdam
> StateProv:
> PostalCode: 1001EB
> Country: NL
> ====================================
>
> So what does this mean??


It means that a host at BBC, a host presumably owned by a Mr. McElvana,
and a third host sent a couple UDP packets to your netgear router (to
ports that seem to be closed). And that your netgear router thinks that
it might be a Denial-of-Service attack, for whatever reason.

With the given information that's all we can say.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Sponsored Links
  Reply With Quote
Reply

Thread Tools
Display Modes



< Home - Windows Help - MS Office Help - Hardware Support >


New To Site? Need Help?

All times are GMT. The time now is 05:14 AM.


vBulletin, Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Copyright © 2005-2016, TechTalkz.com. All Rights Reserved - Privacy Policy
Valid XHTML 1.0 Transitional