Basalt
October 26th, 2008, 05:11 PM
Using ver 3.0.672.0 of the Eset SS.
Vista Home Premium
Linksys router with Cisco Firewall.
checking the log I have the following message.
10/25/2008 6:18:16 PM Detected Reverse TCP Desynchronization attack 192.168.1.101:139 192.168.1.100:51055 TCP
10/25/2008 2:25:42 PM Incorrect IP packet checksum 0
10/24/2008 6:19:39 PM Detected Reverse TCP Desynchronization attack 192.168.1.101:139 192.168.1.100:49160 TCP
10/23/2008 6:18:40 PM Detected DNS cache poisoning attack 76.85.229.111:53 192.168.1.100:55841 UDP
10/23/2008 6:18:40 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/23/2008 6:18:36 PM Detected DNS cache poisoning attack 76.85.229.111:53 192.168.1.100:55841 UDP
10/23/2008 6:18:36 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/23/2008 6:18:34 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/23/2008 6:18:33 PM Detected DNS cache poisoning attack 76.85.229.111:53 192.168.1.100:55841 UDP
10/23/2008 6:18:32 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/22/2008 7:44:36 PM Incorrect IP packet checksum 0
10/21/2008 6:56:07 PM Incorrect IP packet checksum 0
10/19/2008 3:55:12 PM Detected Reverse TCP Desynchronization attack 192.168.1.101:445 192.168.1.100:49158 TCP
I am assuming the Software is perfoming as required, since it has logged the event, the Whois is within the Roadrunner system which I am also on. what exactly is this and should a log be forwarded to the ISP?
thank You.
Vista Home Premium
Linksys router with Cisco Firewall.
checking the log I have the following message.
10/25/2008 6:18:16 PM Detected Reverse TCP Desynchronization attack 192.168.1.101:139 192.168.1.100:51055 TCP
10/25/2008 2:25:42 PM Incorrect IP packet checksum 0
10/24/2008 6:19:39 PM Detected Reverse TCP Desynchronization attack 192.168.1.101:139 192.168.1.100:49160 TCP
10/23/2008 6:18:40 PM Detected DNS cache poisoning attack 76.85.229.111:53 192.168.1.100:55841 UDP
10/23/2008 6:18:40 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/23/2008 6:18:36 PM Detected DNS cache poisoning attack 76.85.229.111:53 192.168.1.100:55841 UDP
10/23/2008 6:18:36 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/23/2008 6:18:34 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/23/2008 6:18:33 PM Detected DNS cache poisoning attack 76.85.229.111:53 192.168.1.100:55841 UDP
10/23/2008 6:18:32 PM Detected DNS cache poisoning attack 76.85.229.110:53 192.168.1.100:55841 UDP
10/22/2008 7:44:36 PM Incorrect IP packet checksum 0
10/21/2008 6:56:07 PM Incorrect IP packet checksum 0
10/19/2008 3:55:12 PM Detected Reverse TCP Desynchronization attack 192.168.1.101:445 192.168.1.100:49158 TCP
I am assuming the Software is perfoming as required, since it has logged the event, the Whois is within the Roadrunner system which I am also on. what exactly is this and should a log be forwarded to the ISP?
thank You.