Problem dos

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi all.

Yesterday evening i had a bit of problem. Denial of service attack after several single port scan.
The reason why i write here because i never had that amount before. I never had more than 1 DoS. I was about to shut down my laptop anyway, when my Security Suite went mad...
Any experience?
Any advice appreciated.
thx

16/02/2010 20:15:50 92.249.231.95 Host blocked for 5 min DOS
16/02/2010 20:15:50 81.182.29.244 Host blocked for 5 min DOS
16/02/2010 20:15:50 83.20.91.30 Host blocked for 5 min DOS
16/02/2010 20:15:49 212.244.85.146 Host blocked for 5 min DOS
16/02/2010 20:15:49 78.51.135.244 Host blocked for 5 min DOS
16/02/2010 20:15:49 89.215.86.151 Host blocked for 5 min DOS
16/02/2010 20:15:49 88.238.211.9 Host blocked for 5 min DOS
16/02/2010 20:15:49 79.116.99.224 Host blocked for 5 min DOS
16/02/2010 20:15:49 98.167.240.116 Host blocked for 5 min DOS
16/02/2010 20:15:48 86.101.166.167 Host blocked for 5 min DOS
16/02/2010 20:15:05 85.175.233.7 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:05 94.10.233.1 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:05 82.131.192.50 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:05 89.133.99.240 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:04 75.137.105.255 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:04 87.229.111.203 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:04 79.166.104.214 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:04 87.223.80.126 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:04 94.21.58.172 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)
16/02/2010 20:15:04 86.101.132.12 Detected attack, host not blocked SINGLE_SCAN_PORT (32227)

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

That's a whole load of different countries you had port scanning you there, Spain, Hungary and Greece just to name a few.

Are you or anyone on your network running any kind of P2P software? The reason I ask is that's what it looks like with the scan of 32227, it looks like they were trying to connect to you (or at least that address, on that particular port). Usually I would expect multiple port requests rather than a single port.

 

I believe that time i had no P2P running at all.
The only thing what we been doing that time is checking the ebay(we are about to buy couple of staff).
And i have not change anything in my laptop for a while now.

Edit: I had a look on the p2p i have on the laptop. That has a fixed port, which is not the above mentioned.
Hungary would ring a bell, but the rest i have nothing to do....

(I think about the migration to linux, and this is the only issue left,(this problem just get my attention)
the security, my Security Suite will not run on linux. As far as i know linux coming out with all port closed. but must be some firewall for linux as well?? Or this is just the chronic win user point of view??

 

Unless you're running public ip addressing on your laptop (ie issued directly to your laptop by the ISP rather than a private 192.168.x.x address) then it could simply be that the request came into your router and that forwarded to your laptop.

As I said above, there were a lot of different ip's coming from all over the place.

You may want to run some malware scan's just to see if you have been infected by a bot but.. well you may just have to live with it. If it happens again you should investigate the running processes on your machine to ensure nothing spurious is running.

 

Ok.
I could not find any dodgy process running, and the anti virus give a negative report.
At the moment everything running well, so i hope i do not have to live with it
Thank you the help.