Under Attack

Apparently I am under attack by the Black hole at IANA.

The protocol is UDP, sometimes using IGMP, source and destination addresses are 169.254.1.*, source ports 20k 30k and 60k, destination ports are 5000 and 20k

This is everyday filling my logs.

What is really happening?

 

is it related to yahoo chats ?or did you change any configuration with your router if you happen to have one?

 

Don't use chats.
Router configs- changed from WEP to WPA2 and other improved security enhancements like disable PnP.

 

How about p2p?

Unless you're being unbelievably bombarded with tens of thousands of hits, I'd not worry bout it. It'll go away in time, whatever it is....

 

by the looks of it, someone is not able to obtain a valid ip address, thus the reason for the first two octets of 169.254. it may be someone elses wireless nic attempting to obtain the ip from your router. Just one of a few guesses. I'd say it's nothing to worry about.

 

Indeed. 169.254 is the zero-config IP, self-assigned by (usually) MS machines when they can't obtain IP by DHCP or otherwise. So you must have another machine on your segment that can't get a valid IP and uses this one and then sends discovery packets all over the place.
Mrk