| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 39429 | 2003-11-06 07:57:00 | I'm getting attacked... | agent (30) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 189655 | 2003-11-06 10:11:00 | > Some foolish person located at 219.89.115.251 (that's > 219-89-115-251.adsl.xtra.co.nz) has been consistently > sending me UDP packets on local port 500 (isakmp), > from remote port 500 (isakmp again, what else?). Probably someone with a misconfigured VPN > > This probably started nearing 30 minutes ago, and has > been going consistently. I started logging and > automatically denying the connections 10 minutes ago > (yes, I was manually closing every alert Kerio popped > up :D). Since then I have been able to discover that > the connection attempt is made every 30 seconds. And > it is now exactly 20 connection attempts since I > started logging and alerting. > > I've fired off an email to abuse [AT] xtra.co.[do you > really think this domain exists].nz (following some > advice from an Orcon eNews email there... seems > stupid, but hey). > > Now, you might wonder why I haven't just disconnected > from the internet and re-established my connection > (I'm on dial-up). The reasoning is that I wanted to > see how this played out. > > I haven't been able to ping, perform a trace route, > or attempt to send a 'net send' message because this > would (a) require me to disable the firewall; or (b) > guess which part of the firewall configuration is > blocking these and disable that... and I'd rather do > testing for that when I am not receiving packets > every 30 seconds from some trigger-happy ADSL user. > > If anyone wishes to attempt anything on the person, I > repeat: 219.89.115.251 - feel free to do stuff to > them, because they're doing it to me... Looks like we have another case of Moron with Personal Firewall. |
BIFF (1) | ||
| 189656 | 2003-11-06 10:18:00 | Well, hey now... I'm entitled to just as much security and peace of mind as the next person. So why shouldn't I complain about getting unwanted traffic from someone trying to establish a VPN? I neither run nor connect to any VPNs myself. I can only put this down to a VPN-enabled ADSL router or similar sending off random packets (or, in my case, constant packets every 30 seconds for well over two hours). And so therefore I am officially complaining about this to Xtra. Hopefully someone will be reminded of the circumstances pertained in the Crimes Amendment Bill #6. |
agent (30) | ||
| 189657 | 2003-11-06 10:32:00 | > And so therefore I am officially complaining about > this to Xtra. Hopefully someone will be reminded of > the circumstances pertained in the Crimes Amendment > Bill #6. :D I was.. Only I was ssh'ing for legit purposes.... Blaming PuTTY for me using ssh into an off-shore server? It only ever gets used across the LAN :D |
Chilling_Silently (228) | ||
| 189658 | 2003-11-06 10:49:00 | I suppose that soon people combining SSH with VNC to remotely monitor their own computers will soon be receiving warnings... I wonder how the Crimes Amendment Act 2003 affects me telneting into my ISPs SMTP servers to send emails to people when I can't or won't open an email client... |
agent (30) | ||
| 1 2 | |||||