Denial of service attacks

Discussion in 'privacy problems' started by olopbob, Apr 22, 2004.

Thread Status:
Not open for further replies.
  1. olopbob

    olopbob Registered Member

    Joined:
    Apr 8, 2004
    Posts:
    4
    I've had two major denial of service attacks from the address 12.3.89.21 and I backtraced it to this whois:
    Institute for International Research INSTITINTREASEA-890 (NET-12-3-89-0-1) 12.3.89.0 - 12.3.89.127
    Anyone have any idea who this is? I blocked it but it tried the second time a minute later. This is my first attach that reached my second firewall.
    Thanks
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi olopbob

    Do you have any sample log entries (include protocol, source port/IP, destination port/IP (just xxx out your public IP) that might give us a better idea of what you are seeing?

    Second firewall? Perhaps a little more info your set up might help as well.

    Regards,

    CrazyM
     
  3. olopbob

    olopbob Registered Member

    Joined:
    Apr 8, 2004
    Posts:
    4
    This attack made unlucky 13 hops to me, all through ATT.net except for three through my ISP. It's protocol was TCP, source IP 12.3.89.21 , destination IP 12.223.43.xx. I have XP firewall and Vcom Netdefense which caught it stopped it and denied access to all traffic until I read log and blocked IP.
     
  4. olopbob

    olopbob Registered Member

    Joined:
    Apr 8, 2004
    Posts:
    4
    Crazy M, forgot my security setup:
    Webroot; spysweeper,window washer
    Lavasoft; ad-aware
    spyblocker and spyware stopper
    spybot s/d
    V-com systemsuite 5 with netdefense firewall and email scanner
     
  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    You did not mention source and destination ports or how many. It is unlikely what you experienced was a DOS attack, but full log details may help us determine what you saw.

    Regards,

    CrazyM
     
Loading...
Thread Status:
Not open for further replies.