Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Results 1 to 9 of 9

    Are Sky IP's gettin bombarded?

    This is a discussion on Are Sky IP's gettin bombarded? within the Sky Broadband help forums, part of the Sky Broadband help and support category; No matter what IP I'm on I seem to be getting bombarded with traffic, computers have been scanned and nothing ...

    1. #1
      TRIaXOR™'s Avatar
      TRIaXOR™ is offline Sky User Member
      Exchange: WSDRU
      Broadband ISP: Sky Broadband Unlimited
      Router: Non Sky Router
      Sky TV: Sky+ HD
      Join Date
      Apr 2007
      Location
      Glasgow
      Posts
      162
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Are Sky IP's gettin bombarded?

      No matter what IP I'm on I seem to be getting bombarded with traffic, computers have been scanned and nothing nasty found on any machine using Nod32, Trends Housecall and Norton 2k7, the weird thing is, I'm still getting bombarded even if I restart (power off/on) the router for a new IP with the all comps off.

      Heres the Log..

      Jul 2 16:41:03 kernel: Intrusion detected from 80.195.4.209. Source port is 1293, and destination port is 27928 which use the TCP protocol.

      Jul 2 16:41:06 kernel: Intrusion detected from 80.195.4.209. Source port is 1293, and destination port is 27928 which use the TCP protocol.

      Jul 2 16:41:12 kernel: Intrusion detected from 80.195.4.209. Source port is 1293, and destination port is 27928 which use the TCP protocol.

      Jul 2 16:44:25 kernel: Intrusion detected from 218.6.19.7. Source port is 6000, and destination port is 1433 which use the TCP protocol.

      Jul 2 16:51:24 kernel: Intrusion detected from 125.65.112.177. Source port is 6000, and destination port is 135 which use the TCP protocol.

      Jul 2 17:14:31 kernel: Intrusion detected from 219.154.21.62. Source port is 6000, and destination port is 53 which use the TCP protocol.

      Jul 2 17:16:49 kernel: Intrusion detected from 195.117.225.220. Source port is 2353, and destination port is 3128 which use the TCP protocol.

      Jul 2 17:16:52 kernel: Intrusion detected from 195.117.225.220. Source port is 2353, and destination port is 3128 which use the TCP protocol.

      Jul 2 17:25:27 kernel: Intrusion detected from 190.20.82.206. Source port is 3096, and destination port is 49560 which use the TCP protocol.

      Jul 2 17:32:41 kernel: Intrusion detected from 125.65.112.192. Source port is 6000, and destination port is 8080 which use the TCP protocol.

      Jul 2 17:47:36 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 2 17:56:03 kernel: Intrusion detected from 89.170.106.63. Source port is 1252, and destination port is 27928 which use the TCP protocol.

      Jul 2 18:13:36 kernel: Intrusion detected from 90.224.219.210. Source port is 4075, and destination port is 445 which use the TCP protocol.

      Jul 2 18:13:39 kernel: Intrusion detected from 90.224.219.210. Source port is 4075, and destination port is 445 which use the TCP protocol.

      Jul 2 18:25:59 kernel: Intrusion detected from 90.148.127.0. Source port is 51069, and destination port is 58563 which use the TCP protocol.

      Jul 2 18:32:46 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 2 18:41:21 kernel: Intrusion detected from 61.164.150.161. Source port is 6000, and destination port is 135 which use the TCP protocol.

      Jul 2 19:27:01 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 2 19:27:52 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 3128 which use the TCP protocol.

      Jul 2 19:29:07 kernel: Intrusion detected from 85.236.146.6. Source port is 3364, and destination port is 10000 which use the TCP protocol.

      Jul 2 19:29:10 kernel: Intrusion detected from 85.236.146.6. Source port is 3364, and destination port is 10000 which use the TCP protocol.

      Jul 2 19:56:38 kernel: Intrusion detected from 90.44.213.228. Source port is 1772, and destination port is 27928 which use the TCP protocol.

      Jul 2 19:56:41 kernel: Intrusion detected from 90.44.213.228. Source port is 1772, and destination port is 27928 which use the TCP protocol.

      Jul 2 19:56:47 kernel: Intrusion detected from 90.44.213.228. Source port is 1772, and destination port is 27928 which use the TCP protocol.

      Jul 2 20:03:11 kernel: Intrusion detected from 91.121.93.86. Source port is 36766, and destination port is 21 which use the TCP protocol.

      Jul 2 20:20:41 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8000 which use the TCP protocol.

      Jul 2 20:21:06 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 3128 which use the TCP protocol.

      Jul 2 20:25:54 kernel: PORT SCANNER ATTACK detected from 125.65.112.135. Source port is 6000, and destination port is 80 which use the TCP protocol.

      Jul 2 20:35:55 kernel: Intrusion detected from 218.6.19.7. Source port is 6000, and destination port is 1433 which use the TCP protocol.

      Jul 2 21:01:16 kernel: Intrusion detected from 221.130.197.144. Source port is 6000, and destination port is 135 which use the TCP protocol.

      Jul 2 21:13:39 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 2 21:14:06 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8000 which use the TCP protocol.

      Jul 2 21:15:02 kernel: Intrusion detected from 218.10.17.243. Source port is 6000, and destination port is 2967 which use the TCP protocol.

      Jul 2 21:25:56 kernel: Intrusion detected from 70.227.192.133. Source port is 50410, and destination port is 11693 which use the TCP protocol.

      Jul 2 21:37:12 kernel: Intrusion detected from 90.177.195.144. Source port is 3037, and destination port is 135 which use the TCP protocol.

      Jul 2 21:47:56 kernel: Intrusion detected from 90.189.195.32. Source port is 12732, and destination port is 135 which use the TCP protocol.

      Jul 2 21:55:32 kernel: Intrusion detected from 76.64.190.112. Source port is 60162, and destination port is 6881 which use the TCP protocol.

      Jul 2 22:05:14 kernel: Intrusion detected from 125.65.112.192. Source port is 6000, and destination port is 8080 which use the TCP protocol.

      Jul 2 22:27:09 kernel: Intrusion detected from 90.201.4.126. Source port is 49402, and destination port is 58563 which use the TCP protocol.

      Jul 2 22:27:12 kernel: Intrusion detected from 90.201.4.126. Source port is 49402, and destination port is 58563 which use the TCP protocol.

      Jul 2 22:34:46 kernel: Intrusion detected from 90.191.28.135. Source port is 1176, and destination port is 135 which use the TCP protocol.

      Jul 2 22:46:12 kernel: Intrusion detected from 67.159.145.168. Source port is 63055, and destination port is 15098 which use the TCP protocol.

      Jul 2 22:54:36 kernel: Intrusion detected from 90.131.110.179. Source port is 11488, and destination port is 135 which use the TCP protocol.

      Jul 2 23:02:18 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 2 23:35:36 kernel: Intrusion detected from 91.121.164.132. Source port is 4636, and destination port is 5900 which use the TCP protocol.

      Jul 2 23:35:39 kernel: Intrusion detected from 91.121.164.132. Source port is 4636, and destination port is 5900 which use the TCP protocol.

      Jul 2 23:57:37 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 2 23:57:49 kernel: Intrusion detected from 89.176.58.229. Source port is 54683, and destination port is 27928 which use the TCP protocol.

      Jul 2 23:57:50 kernel: Intrusion detected from 89.176.58.229. Source port is 54683, and destination port is 27928 which use the TCP protocol.

      Jul 3 00:04:15 kernel: Intrusion detected from 121.78.116.165. Source port is 6000, and destination port is 135 which use the TCP protocol.

      Jul 3 00:17:13 kernel: Intrusion detected from 218.6.19.7. Source port is 6000, and destination port is 1433 which use the TCP protocol.

      Jul 3 00:27:43 kernel: Intrusion detected from 90.208.157.182. Source port is 49661, and destination port is 58563 which use the TCP protocol.

      Jul 3 00:35:42 kernel: Intrusion detected from 75.18.111.60. Source port is 49912, and destination port is 51546 which use the TCP protocol.

      Jul 3 00:43:31 kernel: Intrusion detected from 75.18.111.60. Source port is 50423, and destination port is 51546 which use the TCP protocol.

      Jul 3 00:52:53 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 3 01:42:59 kernel: Intrusion detected from 59.36.101.9. Source port is 6000, and destination port is 135 which use the TCP protocol.

      Jul 3 01:49:11 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 3 01:58:26 kernel: Intrusion detected from 90.24.111.71. Source port is 53673, and destination port is 27928 which use the TCP protocol.

      Jul 3 01:58:32 kernel: Intrusion detected from 90.24.111.71. Source port is 53673, and destination port is 27928 which use the TCP protocol.

      Jul 3 02:06:54 kernel: Intrusion detected from 92.2.103.215. Source port is 1997, and destination port is 16603 which use the TCP protocol.

      Jul 3 02:06:57 kernel: Intrusion detected from 92.2.103.215. Source port is 1997, and destination port is 16603 which use the TCP protocol.

      Jul 3 02:24:42 kernel: Intrusion detected from 218.10.17.243. Source port is 6000, and destination port is 2967 which use the TCP protocol.

      Jul 3 02:39:38 kernel: Intrusion detected from 125.65.112.192. Source port is 6000, and destination port is 8080 which use the TCP protocol.

      Jul 3 02:46:34 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8000 which use the TCP protocol.

      Jul 3 02:47:00 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 3128 which use the TCP protocol.

      Jul 3 03:20:39 kernel: Intrusion detected from 74.194.19.220. Source port is 3886, and destination port is 9689 which use the TCP protocol.

      Jul 3 03:20:42 kernel: Intrusion detected from 74.194.19.220. Source port is 3886, and destination port is 9689 which use the TCP protocol.

      Jul 3 03:41:41 kernel: Intrusion detected from 221.8.61.69. Source port is 6000, and destination port is 8080 which use the TCP protocol.

      Jul 3 03:42:53 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 3 03:43:18 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8000 which use the TCP protocol.

      Jul 3 03:43:43 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 3128 which use the TCP protocol.

      Jul 3 03:55:25 kernel: Intrusion detected from 218.6.19.7. Source port is 6000, and destination port is 1433 which use the TCP protocol.

      Jul 3 04:38:25 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 3 04:38:50 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8000 which use the TCP protocol.

      Jul 3 04:39:16 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 3128 which use the TCP protocol.

      Jul 3 04:46:48 kernel: Intrusion detected from 90.189.169.250. Source port is 59866, and destination port is 135 which use the TCP protocol.

      Jul 3 05:06:13 kernel: Intrusion detected from 125.65.112.135. Source port is 6000, and destination port is 8000 which use the TCP protocol.

      Jul 3 05:06:13 kernel: Intrusion detected from 125.65.112.135. Source port is 6000, and destination port is 3128 which use the TCP protocol.

      Jul 3 05:06:13 kernel: Intrusion detected from 125.65.112.135. Source port is 6000, and destination port is 8080 which use the TCP protocol.

      Jul 3 05:06:13 kernel: PORT SCANNER ATTACK detected from 125.65.112.135. Source port is 6000, and destination port is 80 which use the TCP protocol.

      Jul 3 05:12:39 kernel: Intrusion detected from 90.150.143.236. Source port is 12139, and destination port is 135 which use the TCP protocol.

      Jul 3 05:23:23 kernel: Intrusion detected from 24.16.92.69. Source port is 3589, and destination port is 47123 which use the TCP protocol.

      Jul 3 05:28:38 kernel: Intrusion detected from 24.16.92.69. Source port is 4009, and destination port is 47123 which use the TCP protocol.

      Jul 3 05:46:01 kernel: Intrusion detected from 190.20.114.114. Source port is 2877, and destination port is 49560 which use the TCP protocol.

      Jul 3 06:29:33 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.

      Jul 3 06:30:02 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8000 which use the TCP protocol.

      Jul 3 06:30:30 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 3128 which use the TCP protocol.

      Jul 3 07:17:38 kernel: Intrusion detected from 125.65.112.192. Source port is 6000, and destination port is 8080 which use the TCP protocol.

      Jul 3 07:21:44 kernel: Intrusion detected from 216.133.249.103. Source port is 2260, and destination port is 5900 which use the TCP protocol.

      Jul 3 07:21:47 kernel: Intrusion detected from 216.133.249.103. Source port is 2260, and destination port is 5900 which use the TCP protocol.

      Jul 3 07:24:06 kernel: Intrusion detected from 125.65.165.139. Source port is 12200, and destination port is 8080 which use the TCP protocol.
      This is the Shortend version too, the log is MUCH bigger

      Also, the Wireless is on but set not to broadcast SSID and has WPA-PSK(no server) Encryption.

      Anyone else getting this?
      Powered by Sky Broadband Unlimited


    2. Advertisement
    3. #2
      TRIaXOR™'s Avatar
      TRIaXOR™ is offline Sky User Member
      Exchange: WSDRU
      Broadband ISP: Sky Broadband Unlimited
      Router: Non Sky Router
      Sky TV: Sky+ HD
      Join Date
      Apr 2007
      Location
      Glasgow
      Posts
      162
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Are Sky IP's gettin bombarded?

      oh, and I dont use P2P..
      Powered by Sky Broadband Unlimited

    4. #3
      Qwakrz's Avatar
      Qwakrz is offline Sky User Member
      Exchange: Ivybridge
      Broadband ISP: Max
      Router: Sagem F@ST 2504
      Sky TV:
      Join Date
      Apr 2008
      Posts
      14
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Are Sky IP's gettin bombarded?

      You may not use P2P but if the person who had your IP address before you had P2P then the clients on the net will be trying to connect to a now closed port and a such you will see alot of the errors you have listed.

      Of course, there will always be one or two that try and probe your connection to see if its open at all.

      If this image is not here, my net connection has gone down.. Please hit it with a hammer

    5. #4
      TRIaXOR™'s Avatar
      TRIaXOR™ is offline Sky User Member
      Exchange: WSDRU
      Broadband ISP: Sky Broadband Unlimited
      Router: Non Sky Router
      Sky TV: Sky+ HD
      Join Date
      Apr 2007
      Location
      Glasgow
      Posts
      162
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Are Sky IP's gettin bombarded?

      this his been for days now on at least 10 different IP's surely not everyone is using P2P, there seems to be a pattern in the ports too
      Powered by Sky Broadband Unlimited

    6. #5
      dickster's Avatar
      dickster is offline Sky User Member
      Exchange: 01424
      Broadband ISP: Mid
      Router: Sagem F@ST 2504
      Sky TV:
      Join Date
      Jun 2008
      Posts
      10
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Are Sky IP's gettin bombarded?

      Dont worry about it.
      It shows the router firewall is doing it's job.
      You should see my firewall log in zonealarm , gets an alert every second.

    7. #6
      James67's Avatar
      James67 is offline Sky User Member
      Exchange:
      Broadband ISP: Other ISP
      Router: Non Sky Router
      Sky TV: Freesat
      Join Date
      Sep 2007
      Posts
      1,789
      Thanks
      0
      Thanked 2 Times in 2 Posts
      Blog Entries
      3

      Re: Are Sky IP's gettin bombarded?

      Quote Originally Posted by TRIaXOR™ View Post
      this his been for days now on at least 10 different IP's surely not everyone is using P2P, there seems to be a pattern in the ports too
      Most of the port scans seem to be looking for vulnerable Windows machines and web proxies, not p2p. The router blocks these without breaking a sweat.

      It'd be nice if the router said "intrusion attempt detected" or even better "intrusion attempt blocked" rather than just "intrusion detected". You're not the first person to look at the logs and feel understandably, but needlessly, worried.

    8. #7
      Netgeezer's Avatar
      Netgeezer is offline Sky User Member
      Exchange:
      Broadband ISP: Max
      Router: Netgear V2 DG934G
      Sky TV:
      Join Date
      Sep 2007
      Posts
      355
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Are Sky IP's gettin bombarded?

      If you are still worried or concerned try checking your security by using ShieldsUp at **Home of Gibson Research Corporation** You'll soon find out if you are open where you shouldn't be. Most importantly, see if you are in full or partial "Stealth" mode.
      It's not that I'm so smart, it's just that I stay with problems longer.
      [Albert Einstein]




      ADSL Nation XF-1e filter - the dogs nuts

    9. #8
      Proppinupthebar's Avatar
      Proppinupthebar is offline Sky User Beta tester
      Exchange: Locks Heath
      Broadband ISP: Sky Max
      Router: Sagem F@ST 2504
      Sky TV: 2*Sky+, Sky+ HD
      Join Date
      Nov 2007
      Posts
      962
      Thanks
      1
      Thanked 4 Times in 4 Posts

      Re: Are Sky IP's gettin bombarded?

      Quote Originally Posted by Netgeezer View Post
      If you are still worried or concerned try checking your security by using ShieldsUp at **Home of Gibson Research Corporation** You'll soon find out if you are open where you shouldn't be. Most importantly, see if you are in full or partial "Stealth" mode.
      I wouldn't put too much trust in Steve Gibson. Theres various sites which argue about some of the 'facts' he has posted, and the 'inventions' he has re-invented.

    10. #9
      Netgeezer's Avatar
      Netgeezer is offline Sky User Member
      Exchange:
      Broadband ISP: Max
      Router: Netgear V2 DG934G
      Sky TV:
      Join Date
      Sep 2007
      Posts
      355
      Thanks
      0
      Thanked 0 Times in 0 Posts

      Re: Are Sky IP's gettin bombarded?

      There's always someone bound to critique the likes of Steve Gibson, and he hasn't exactly made too many friends in the industry. But it is a reasonable approach to check out ShieldsUp. That or run a port scan yourself!
      It's not that I'm so smart, it's just that I stay with problems longer.
      [Albert Einstein]




      ADSL Nation XF-1e filter - the dogs nuts

     

     

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2017. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION