Attaques ? qu'en faire ?
asevere
Messages postés
13095
Date d'inscription
Statut
Webmaster
Dernière intervention
-
Lupin -
Lupin -
Bonjour a tous,
hier soir je suis allez jeter un z'yeux aux logs de mon firewall, et Ô surpise, tout plein de tentative bloquée ;) jusque là rien d'anormale, j'ai mon lot habituel de requete de connexion sur le port 4662 je suis habitué.
Par contre trois series d'alertes ont attirées mon attention. Ce n'est pas si grave vu que toutes ces tentatives ont été bloquée, mais je voudrait savoir les quelles sont effectivement dangeureuses et que faire dans ce cas la...
Merci du coup de main !
les voici:
serie 1:
172.176.204.xxx c'est mon ip
64.7.212.xxx
64.7.212.yyy
64.7.212.zzz
c'est trois IP differentes, mais pas tant que ca en fait, c'est du genre
12, 13, 14...
Total 54 alertes.
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:18:40 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:18:40 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
Serie 2:
172.181.232.xxx c'est mon ip
je ne sais pas a quoi corresspond le port 41636 ...
total 51 alertes.
FWIN,2003/06/02,16:22:20 +2:00 GMT,203.88.248.xxx:3893,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:22:52 +2:00 GMT,203.88.248.xxx:3979,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:23:20 +2:00 GMT,203.88.248.xxx:4064,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:23:50 +2:00 GMT,203.88.248.xxx:4148,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:24:24 +2:00 GMT,203.88.248.xxx:4228,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:24:58 +2:00 GMT,203.88.248.xxx:4317,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:25:30 +2:00 GMT,203.88.248.xxx:4397,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:26:02 +2:00 GMT,203.88.248.xxx:4481,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:26:32 +2:00 GMT,203.88.248.xxx:4563,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:27:10 +2:00 GMT,203.88.248.xxx:4665,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:27:44 +2:00 GMT,203.88.248.xxx:4750,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:28:16 +2:00 GMT,203.88.248.xxx:4830,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:28:46 +2:00 GMT,203.88.248.xxx:4915,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:29:16 +2:00 GMT,203.88.248.xxx:1049,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:30:16 +2:00 GMT,203.88.248.xxx:1206,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:30:56 +2:00 GMT,203.88.248.xxx:1307,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:31:42 +2:00 GMT,203.88.248.xxx:1431,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:32:14 +2:00 GMT,203.88.248.xxx:1527,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:32:50 +2:00 GMT,203.88.248.xxx:1627,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:33:24 +2:00 GMT,203.88.248.xxx:1713,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:33:56 +2:00 GMT,203.88.248.xxx:1784,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:34:28 +2:00 GMT,203.88.248.xxx:1862,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:34:58 +2:00 GMT,203.88.248.xxx:1939,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:35:44 +2:00 GMT,203.88.248.xxx:2045,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:36:18 +2:00 GMT,203.88.248.xxx:2141,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:37:18 +2:00 GMT,203.88.248.xxx:2283,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:37:50 +2:00 GMT,203.88.248.xxx:2364,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:38:22 +2:00 GMT,203.88.248.xxx:2450,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:38:50 +2:00 GMT,203.88.248.xxx:2531,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:39:32 +2:00 GMT,203.88.248.xxx:2642,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:40:02 +2:00 GMT,203.88.248.xxx:2717,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:40:34 +2:00 GMT,203.88.248.xxx:2801,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:41:10 +2:00 GMT,203.88.248.xxx:2899,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:41:44 +2:00 GMT,203.88.248.xxx:2987,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:42:18 +2:00 GMT,203.88.248.xxx:3075,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:43:04 +2:00 GMT,203.88.248.xxx:3188,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:43:50 +2:00 GMT,203.88.248.xxx:3309,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:44:32 +2:00 GMT,203.88.248.xxx:3416,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:45:04 +2:00 GMT,203.88.248.xxx:3493,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:45:36 +2:00 GMT,203.88.248.xxx:3576,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:46:08 +2:00 GMT,203.88.248.xxx:3648,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:46:40 +2:00 GMT,203.88.248.xxx:3735,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:47:10 +2:00 GMT,203.88.248.xxx:3823,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:47:44 +2:00 GMT,203.88.248.xxx:3915,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:48:16 +2:00 GMT,203.88.248.xxx:4001,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:49:06 +2:00 GMT,203.88.248.xxx:4126,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:49:44 +2:00 GMT,203.88.248.xxx:4228,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:50:16 +2:00 GMT,203.88.248.xxx:4310,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:50:46 +2:00 GMT,203.88.248.xxx:4388,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:51:24 +2:00 GMT,203.88.248.xxx:4491,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:51:54 +2:00 GMT,203.88.248.xxx:4568,172.181.232.xxx:41636,TCP (flags:S)
Serie 3:
172.181.182.xxx c'est mon ip
total 35 alertes.
FWIN,2003/06/03,19:42:42 +2:00 GMT,61.145.199.xxx:61755,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:43:58 +2:00 GMT,61.145.199.xxx:52545,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:43:58 +2:00 GMT,61.145.199.xxx:52731,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:04 +2:00 GMT,61.145.199.xxx:54359,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:06 +2:00 GMT,61.145.199.xxx:55355,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:08 +2:00 GMT,61.145.199.xxx:55877,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:14 +2:00 GMT,61.145.199.xxx:57147,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:14 +2:00 GMT,61.145.199.xxx:57647,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:20 +2:00 GMT,61.145.199.xxx:59405,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:06 +2:00 GMT,61.145.199.xxx:46659,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:10 +2:00 GMT,61.145.199.xxx:47533,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:24 +2:00 GMT,61.145.199.xxx:52075,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:40 +2:00 GMT,61.145.199.xxx:56903,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:54 +2:00 GMT,61.145.199.xxx:61293,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:48:28 +2:00 GMT,61.145.199.xxx:39403,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:48:54 +2:00 GMT,61.145.199.xxx:47847,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:48:54 +2:00 GMT,61.145.199.xxx:48185,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:02 +2:00 GMT,61.145.199.xxx:50475,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:02 +2:00 GMT,61.145.199.xxx:50685,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:02 +2:00 GMT,61.145.199.xxx:50723,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:06 +2:00 GMT,61.145.199.xxx:51391,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:16 +2:00 GMT,61.145.199.xxx:54845,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:18 +2:00 GMT,61.145.199.xxx:55059,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:26 +2:00 GMT,61.145.199.xxx:57717,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:30 +2:00 GMT,61.145.199.xxx:59005,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:36 +2:00 GMT,61.145.199.xxx:60649,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:00 +2:00 GMT,61.145.199.xxx:35913,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:02 +2:00 GMT,61.145.199.xxx:36467,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:08 +2:00 GMT,61.145.199.xxx:37735,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:12 +2:00 GMT,61.145.199.xxx:39437,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:24 +2:00 GMT,61.145.199.xxx:42973,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:42 +2:00 GMT,61.145.199.xxx:48739,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:44 +2:00 GMT,61.145.199.xxx:48993,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:52:06 +2:00 GMT,61.145.199.xxx:42561,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:53:00 +2:00 GMT,61.145.199.xxx:59377,172.181.182.xxx:80,TCP (flags:S)
Je sais que c'est un post un peu long mais pas besoin de tout lire pour avoir une idée des differents problèmes... :)
Merci
@+
Na kaer eo va Breizh,
gand ar mor glaz èn-dro dezi !
hier soir je suis allez jeter un z'yeux aux logs de mon firewall, et Ô surpise, tout plein de tentative bloquée ;) jusque là rien d'anormale, j'ai mon lot habituel de requete de connexion sur le port 4662 je suis habitué.
Par contre trois series d'alertes ont attirées mon attention. Ce n'est pas si grave vu que toutes ces tentatives ont été bloquée, mais je voudrait savoir les quelles sont effectivement dangeureuses et que faire dans ce cas la...
Merci du coup de main !
les voici:
serie 1:
172.176.204.xxx c'est mon ip
64.7.212.xxx
64.7.212.yyy
64.7.212.zzz
c'est trois IP differentes, mais pas tant que ca en fait, c'est du genre
12, 13, 14...
Total 54 alertes.
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:18:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:18:40 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:18:40 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:19:16 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:8699,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:22097,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:42962,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:12454,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:40657,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:21:38 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:24482,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.xxx:80,172.176.204.xxx:18685,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:26270,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.zzz:80,172.176.204.xxx:34069,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:45750,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
FWIN,2003/06/04,01:22:00 +2:00 GMT,64.7.212.yyy:80,172.176.204.xxx:20360,TCP (flags:S)
Serie 2:
172.181.232.xxx c'est mon ip
je ne sais pas a quoi corresspond le port 41636 ...
total 51 alertes.
FWIN,2003/06/02,16:22:20 +2:00 GMT,203.88.248.xxx:3893,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:22:52 +2:00 GMT,203.88.248.xxx:3979,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:23:20 +2:00 GMT,203.88.248.xxx:4064,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:23:50 +2:00 GMT,203.88.248.xxx:4148,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:24:24 +2:00 GMT,203.88.248.xxx:4228,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:24:58 +2:00 GMT,203.88.248.xxx:4317,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:25:30 +2:00 GMT,203.88.248.xxx:4397,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:26:02 +2:00 GMT,203.88.248.xxx:4481,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:26:32 +2:00 GMT,203.88.248.xxx:4563,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:27:10 +2:00 GMT,203.88.248.xxx:4665,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:27:44 +2:00 GMT,203.88.248.xxx:4750,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:28:16 +2:00 GMT,203.88.248.xxx:4830,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:28:46 +2:00 GMT,203.88.248.xxx:4915,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:29:16 +2:00 GMT,203.88.248.xxx:1049,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:30:16 +2:00 GMT,203.88.248.xxx:1206,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:30:56 +2:00 GMT,203.88.248.xxx:1307,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:31:42 +2:00 GMT,203.88.248.xxx:1431,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:32:14 +2:00 GMT,203.88.248.xxx:1527,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:32:50 +2:00 GMT,203.88.248.xxx:1627,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:33:24 +2:00 GMT,203.88.248.xxx:1713,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:33:56 +2:00 GMT,203.88.248.xxx:1784,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:34:28 +2:00 GMT,203.88.248.xxx:1862,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:34:58 +2:00 GMT,203.88.248.xxx:1939,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:35:44 +2:00 GMT,203.88.248.xxx:2045,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:36:18 +2:00 GMT,203.88.248.xxx:2141,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:37:18 +2:00 GMT,203.88.248.xxx:2283,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:37:50 +2:00 GMT,203.88.248.xxx:2364,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:38:22 +2:00 GMT,203.88.248.xxx:2450,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:38:50 +2:00 GMT,203.88.248.xxx:2531,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:39:32 +2:00 GMT,203.88.248.xxx:2642,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:40:02 +2:00 GMT,203.88.248.xxx:2717,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:40:34 +2:00 GMT,203.88.248.xxx:2801,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:41:10 +2:00 GMT,203.88.248.xxx:2899,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:41:44 +2:00 GMT,203.88.248.xxx:2987,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:42:18 +2:00 GMT,203.88.248.xxx:3075,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:43:04 +2:00 GMT,203.88.248.xxx:3188,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:43:50 +2:00 GMT,203.88.248.xxx:3309,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:44:32 +2:00 GMT,203.88.248.xxx:3416,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:45:04 +2:00 GMT,203.88.248.xxx:3493,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:45:36 +2:00 GMT,203.88.248.xxx:3576,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:46:08 +2:00 GMT,203.88.248.xxx:3648,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:46:40 +2:00 GMT,203.88.248.xxx:3735,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:47:10 +2:00 GMT,203.88.248.xxx:3823,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:47:44 +2:00 GMT,203.88.248.xxx:3915,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:48:16 +2:00 GMT,203.88.248.xxx:4001,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:49:06 +2:00 GMT,203.88.248.xxx:4126,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:49:44 +2:00 GMT,203.88.248.xxx:4228,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:50:16 +2:00 GMT,203.88.248.xxx:4310,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:50:46 +2:00 GMT,203.88.248.xxx:4388,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:51:24 +2:00 GMT,203.88.248.xxx:4491,172.181.232.xxx:41636,TCP (flags:S)
FWIN,2003/06/02,16:51:54 +2:00 GMT,203.88.248.xxx:4568,172.181.232.xxx:41636,TCP (flags:S)
Serie 3:
172.181.182.xxx c'est mon ip
total 35 alertes.
FWIN,2003/06/03,19:42:42 +2:00 GMT,61.145.199.xxx:61755,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:43:58 +2:00 GMT,61.145.199.xxx:52545,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:43:58 +2:00 GMT,61.145.199.xxx:52731,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:04 +2:00 GMT,61.145.199.xxx:54359,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:06 +2:00 GMT,61.145.199.xxx:55355,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:08 +2:00 GMT,61.145.199.xxx:55877,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:14 +2:00 GMT,61.145.199.xxx:57147,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:14 +2:00 GMT,61.145.199.xxx:57647,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:44:20 +2:00 GMT,61.145.199.xxx:59405,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:06 +2:00 GMT,61.145.199.xxx:46659,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:10 +2:00 GMT,61.145.199.xxx:47533,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:24 +2:00 GMT,61.145.199.xxx:52075,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:40 +2:00 GMT,61.145.199.xxx:56903,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:47:54 +2:00 GMT,61.145.199.xxx:61293,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:48:28 +2:00 GMT,61.145.199.xxx:39403,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:48:54 +2:00 GMT,61.145.199.xxx:47847,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:48:54 +2:00 GMT,61.145.199.xxx:48185,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:02 +2:00 GMT,61.145.199.xxx:50475,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:02 +2:00 GMT,61.145.199.xxx:50685,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:02 +2:00 GMT,61.145.199.xxx:50723,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:06 +2:00 GMT,61.145.199.xxx:51391,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:16 +2:00 GMT,61.145.199.xxx:54845,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:18 +2:00 GMT,61.145.199.xxx:55059,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:26 +2:00 GMT,61.145.199.xxx:57717,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:30 +2:00 GMT,61.145.199.xxx:59005,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:49:36 +2:00 GMT,61.145.199.xxx:60649,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:00 +2:00 GMT,61.145.199.xxx:35913,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:02 +2:00 GMT,61.145.199.xxx:36467,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:08 +2:00 GMT,61.145.199.xxx:37735,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:12 +2:00 GMT,61.145.199.xxx:39437,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:24 +2:00 GMT,61.145.199.xxx:42973,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:42 +2:00 GMT,61.145.199.xxx:48739,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:50:44 +2:00 GMT,61.145.199.xxx:48993,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:52:06 +2:00 GMT,61.145.199.xxx:42561,172.181.182.xxx:80,TCP (flags:S)
FWIN,2003/06/03,19:53:00 +2:00 GMT,61.145.199.xxx:59377,172.181.182.xxx:80,TCP (flags:S)
Je sais que c'est un post un peu long mais pas besoin de tout lire pour avoir une idée des differents problèmes... :)
Merci
@+
Na kaer eo va Breizh,
gand ar mor glaz èn-dro dezi !
A voir également:
- Attaques ? qu'en faire ?
- Crypto et transactions en ligne : comment se protéger contre les attaques ? - Accueil - Guide VPN
- Attaque informatique en cours - Accueil - Piratage
- Attaque des titans en streaming - Forum Cinéma / Télé
- Angle d'attaque film complet en français - Forum Cinéma / Télé
7 réponses
Salut,
elles sont pas dangereuses car elles ont été bloquées !
:))
Linux is like sex, it's better when it's free... ;)))
C'est ceux qui s'en servent pas qui en disent du mal...
elles sont pas dangereuses car elles ont été bloquées !
:))
Linux is like sex, it's better when it's free... ;)))
C'est ceux qui s'en servent pas qui en disent du mal...
>Par contre trois series d'alertes ont attirées mon attention. Ce n'est
>pas si grave vu que toutes ces tentatives ont été bloquées, mais je
>voudrait savoir les quelles sont effectivement dangeureuses* et que
>faire dans ce cas la... **
:-)
*dangereuses sans Firewall
**dans tout les cas... que faire. :)
Na kaer eo va Breizh,
gand ar mor glaz èn-dro dezi !
>pas si grave vu que toutes ces tentatives ont été bloquées, mais je
>voudrait savoir les quelles sont effectivement dangeureuses* et que
>faire dans ce cas la... **
:-)
*dangereuses sans Firewall
**dans tout les cas... que faire. :)
Na kaer eo va Breizh,
gand ar mor glaz èn-dro dezi !
Merci seb
trés interressant cette doc...
j'hesitais a envoyer un abuse, je ne sais toujours pas si je vais le faire... :(
je vais reflechir encore un peu...
Na kaer eo va Breizh,
gand ar mor glaz èn-dro dezi !
trés interressant cette doc...
j'hesitais a envoyer un abuse, je ne sais toujours pas si je vais le faire... :(
je vais reflechir encore un peu...
Na kaer eo va Breizh,
gand ar mor glaz èn-dro dezi !
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Généralement, ça n'est pas trop la peine d'envoyer des abuse pour des tentatives de connexion.
ça ne mène généralement pas à grand chose.
Et puis une tentative de connexion n'est pas forcément une attaque :-)
Par contre en cas d'attaque avérée (intrusion, tentative de DOS, usurpation d'identité, etc.), là il ne faut pas hésiter à mailer à l'abuse.
ça ne mène généralement pas à grand chose.
Et puis une tentative de connexion n'est pas forcément une attaque :-)
Par contre en cas d'attaque avérée (intrusion, tentative de DOS, usurpation d'identité, etc.), là il ne faut pas hésiter à mailer à l'abuse.
Bjr, tout le monde
c la premiere fois sur ce site
et je trouve ca cool l'entraide qui y est offerte.
je voudrai savoir si pro alarm de zone labs est un
bon firewall? si non quel serait le meilleur disponible?
c la premiere fois sur ce site
et je trouve ca cool l'entraide qui y est offerte.
je voudrai savoir si pro alarm de zone labs est un
bon firewall? si non quel serait le meilleur disponible?
ZoneAlarm Pro est bon, mais c'est un produit payant.
ZoneAlarm (version gratuit) fait déjà un bon boulot.
Sinon je préfère Kerio Personal Firewall, plus finement configurable que ZoneAlarm.
Il y en a d'autres: Sygate Personal Firewall, Agnitum Outpost...
ZoneAlarm (version gratuit) fait déjà un bon boulot.
Sinon je préfère Kerio Personal Firewall, plus finement configurable que ZoneAlarm.
Il y en a d'autres: Sygate Personal Firewall, Agnitum Outpost...
cher seb, peux-tu m'aider ? j'ai installé la version Kerio 4 et désinstallée (because ça cause pas le français !) mais a) je trouve plus nulle part sur le net l'ancienne version 2.15, b)avec son patch en français... aurais-tu gardé le lien pour télécharger cette ancienne version ? si oui, mille merciiiiiis !
