Denial of service attacks

Discussion in 'privacy problems' started by olopbob, Apr 22, 2004.

Thread Status:
Not open for further replies.
  1. olopbob

    olopbob Registered Member

    Joined:
    Apr 8, 2004
    Posts:
    4
    I've had two major denial of service attacks from the address 12.3.89.21 and I backtraced it to this whois:
    Institute for International Research INSTITINTREASEA-890 (NET-12-3-89-0-1) 12.3.89.0 - 12.3.89.127
    Anyone have any idea who this is? I blocked it but it tried the second time a minute later. This is my first attach that reached my second firewall.
    Thanks
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi olopbob

    Do you have any sample log entries (include protocol, source port/IP, destination port/IP (just xxx out your public IP) that might give us a better idea of what you are seeing?

    Second firewall? Perhaps a little more info your set up might help as well.

    Regards,

    CrazyM
     
  3. olopbob

    olopbob Registered Member

    Joined:
    Apr 8, 2004
    Posts:
    4
    This attack made unlucky 13 hops to me, all through ATT.net except for three through my ISP. It's protocol was TCP, source IP 12.3.89.21 , destination IP 12.223.43.xx. I have XP firewall and Vcom Netdefense which caught it stopped it and denied access to all traffic until I read log and blocked IP.
     
  4. olopbob

    olopbob Registered Member

    Joined:
    Apr 8, 2004
    Posts:
    4
    Crazy M, forgot my security setup:
    Webroot; spysweeper,window washer
    Lavasoft; ad-aware
    spyblocker and spyware stopper
    spybot s/d
    V-com systemsuite 5 with netdefense firewall and email scanner
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    You did not mention source and destination ports or how many. It is unlikely what you experienced was a DOS attack, but full log details may help us determine what you saw.

    Regards,

    CrazyM
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.