[Question] Chunghwa Telecom warned me that I am being used as a relay

Board: NetSecurity (Information Security) | Author: (風見明) | Time: 14 years ago (2010/10/14 17:13), edited | Push/boo: 1(103)
4 comments, 4 participants, latest thread 1/1
I received a warning letter from Chunghwa Telecom:

"The Chunghwa Telecom account ***** that you subscribe to has been reported by the anti-spam organization uceprotect.net for sending advertising mail while online via IP: 220.136.48.138. For details, please see http://www.uceprotect.net/en/rblcheck.php?ipr=220.136.48.138."

The current network layout is: Chunghwa ADSL -- D-Link DIR-300 -- hub -- 10 computers

After virus scanning, no suspicious virus seems to have been found (江民 + 木馬清除大師).

Below is the log I pulled from the DIR-300. I would appreciate help interpreting it.

"Oct 14 13:57:48 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:121.10.139.148) detected. Packet dropped."
"Oct 14 13:56:33 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:202.39.224.196) detected. Packet dropped."
"Oct 14 13:56:10 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:56:00 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:65.55.15.243) detected. Packet dropped."
"Oct 14 13:55:10 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:54:17 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.78.87) detected. Packet dropped."
"Oct 14 13:54:10 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:54:05 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.78.87) detected. Packet dropped."
"Oct 14 13:53:53 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.78.87) detected. Packet dropped."
"Oct 14 13:53:45 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.78.87) detected. Packet dropped."
"Oct 14 13:53:41 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.78.87) detected. Packet dropped."
"Oct 14 13:53:35 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.78.87) detected. Packet dropped."
"Oct 14 13:53:32 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.78.87) detected. Packet dropped."
"Oct 14 13:53:21 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:121.10.139.148) detected. Packet dropped."
"Oct 14 13:53:16 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:52:49 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:52:36 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:52:35 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:52:29 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:52:29 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:52:26 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:52:18 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.121.120) detected. Packet dropped."
"Oct 14 13:51:57 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:119.127.220.249) detected. Packet dropped."
"Oct 14 13:51:54 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.121.120) detected. Packet dropped."
"Oct 14 13:51:45 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.121.120) detected. Packet dropped."
"Oct 14 13:51:42 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.121.120) detected. Packet dropped."
"Oct 14 13:51:34 ","DHCP: Server sending ACK to 192.168.10.112. (Lease time = 604800)"
"Oct 14 13:51:34 ","DHCP: Server receive REQUEST from 00:1d:e0:ae:78:b7."
"Oct 14 13:51:33 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:124.237.121.120) detected. Packet dropped."
"Oct 14 13:51:26 ","DHCP: Server sending ACK to 192.168.10.112. (Lease time = 604800)"
"Oct 14 13:51:26 ","DHCP: Server receive REQUEST from 00:1d:e0:ae:78:b7."
"Oct 14 13:50:28 ","DHCP: Server sending ACK to 192.168.10.112. (Lease time = 604800)"
"Oct 14 13:50:28 ","DHCP: Server receive REQUEST from 00:1d:e0:ae:78:b7."
"Oct 14 13:49:57 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:65.55.15.243) detected. Packet dropped."
"Oct 14 13:48:56 ","DROP: 001. Drop TCP Packet from WAN, src:220.132.152.183:2156, dst:220.136.40.49:80."
"Oct 14 13:48:50 ","DROP: 001. Drop TCP Packet from WAN, src:220.132.152.183:2156, dst:220.136.40.49:80."
"Oct 14 13:48:47 ","DROP: 001. Drop TCP Packet from WAN, src:220.132.152.183:2156, dst:220.136.40.49:80."
"Oct 14 13:46:32 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:202.39.224.196) detected. Packet dropped."
"Oct 14 13:46:32 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:202.39.224.196) detected. Packet dropped."
"Oct 14 13:46:32 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:202.39.224.196) detected. Packet dropped."
"Oct 14 13:46:32 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:202.39.224.196) detected. Packet dropped."
"Oct 14 13:46:24 ","DHCP: Server sending ACK to 192.168.10.112. (Lease time = 604800)"
"Oct 14 13:46:24 ","DHCP: Server receive REQUEST from 00:1d:e0:ae:78:b7."
"Oct 14 13:45:44 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:202.39.224.60) detected. Packet dropped."
"Oct 14 13:43:20 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:121.10.139.147) detected. Packet dropped."
"Oct 14 13:41:09 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.218) detected. Packet dropped."
"Oct 14 13:40:17 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.207) detected. Packet dropped."
"Oct 14 13:39:54 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.118) detected. Packet dropped."
"Oct 14 13:39:28 ","DROP: 001. Drop TCP Packet from WAN, src:220.130.128.113:63599, dst:220.136.40.49:80."
"Oct 14 13:39:22 ","DROP: 001. Drop TCP Packet from WAN, src:220.130.128.113:63599, dst:220.136.40.49:80."
"Oct 14 13:39:19 ","DROP: 001. Drop TCP Packet from WAN, src:220.130.128.113:63599, dst:220.136.40.49:80."
"Oct 14 13:36:57 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:119.127.220.249) detected. Packet dropped."
"Oct 14 13:35:09 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.154) detected. Packet dropped."
"Oct 14 13:34:32 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:119.127.220.249) detected. Packet dropped."
"Oct 14 13:34:09 ","DROP: 001. Drop TCP Packet from WAN, src:220.135.80.155:1218, dst:220.136.40.49:80."
"Oct 14 13:34:03 ","DROP: 001. Drop TCP Packet from WAN, src:220.135.80.155:1218, dst:220.136.40.49:80."
"Oct 14 13:34:00 ","DROP: 001. Drop TCP Packet from WAN, src:220.135.80.155:1218, dst:220.136.40.49:80."
"Oct 14 13:32:15 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:119.127.220.249) detected. Packet dropped."
"Oct 14 13:31:56 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.167) detected. Packet dropped."
"Oct 14 13:27:59 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.112) detected. Packet dropped."
"Oct 14 13:26:27 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.103) detected. Packet dropped."
"Oct 14 13:14:45 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.109) detected. Packet dropped."
"Oct 14 13:13:06 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.161) detected. Packet dropped."
"Oct 14 13:11:35 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.159) detected. Packet dropped."
"Oct 14 13:09:00 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:121.10.139.149) detected. Packet dropped."
"Oct 14 13:08:51 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:119.127.220.249) detected. Packet dropped."
"Oct 14 13:07:32 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.206) detected. Packet dropped."
"Oct 14 13:06:06 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:05:06 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:04:13 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:209.90.125.254) detected. Packet dropped."
"Oct 14 13:04:06 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:03:12 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:02:45 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:02:32 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:02:31 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:02:25 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:02:25 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:02:22 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:168.95.192.1) detected. Packet dropped."
"Oct 14 13:01:28 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:65.55.15.243) detected. Packet dropped."
"Oct 14 12:59:10 ","DHCP: Server sending ACK to 192.168.10.112. (Lease time = 604800)"
"Oct 14 12:59:10 ","DHCP: Server receive REQUEST from 00:1d:e0:ae:78:b7."
"Oct 14 12:59:10 ","DHCP: Server sending OFFER of 192.168.10.112."
"Oct 14 12:59:08 ","DHCP: Server receive DISCOVER from 00:1d:e0:ae:78:b7."
"Oct 14 12:58:03 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:58.9.120.5) detected. Packet dropped."
"Oct 14 12:51:29 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.5.119) detected. Packet dropped."
"Oct 14 12:50:44 ","DROP: 001. Drop TCP Packet from WAN, src:220.137.65.72:50597, dst:220.136.40.49:80."
"Oct 14 12:50:38 ","DROP: 001. Drop TCP Packet from WAN, src:220.137.65.72:50597, dst:220.136.40.49:80."
"Oct 14 12:50:35 ","DROP: 001. Drop TCP Packet from WAN, src:220.137.65.72:50597, dst:220.136.40.49:80."
"Oct 14 12:49:20 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:65.55.15.243) detected. Packet dropped."
"Oct 14 12:47:29 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:168.95.192.1) detected. Packet dropped."

The time period Chunghwa Telecom warned about:

"Oct 11 17:46:45 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14549, dst:220.136.48.138:80."
"Oct 11 17:46:28 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:46:07 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14549, dst:220.136.48.138:80."
"Oct 11 17:45:48 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14549, dst:220.136.48.138:80."
"Oct 11 17:45:40 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:45:38 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14549, dst:220.136.48.138:80."
"Oct 11 17:45:33 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14549, dst:220.136.48.138:80."
"Oct 11 17:45:16 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:45:04 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:44:52 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:44:40 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:44:35 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:44:34 ","DROP: 001. Drop TCP Packet from WAN, src:117.47.127.237:14481, dst:220.136.48.138:80."
"Oct 11 17:43:04 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.222.220:1093, dst:220.136.48.138:80."
"Oct 11 17:42:58 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.222.220:1093, dst:220.136.48.138:80."
"Oct 11 17:42:55 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.222.220:1093, dst:220.136.48.138:80."
"Oct 11 17:02:25 ","DROP: 001. Drop TCP Packet from WAN, src:220.143.20.224:3622, dst:220.136.48.138:80."
"Oct 11 17:02:18 ","DROP: 001. Drop TCP Packet from WAN, src:220.143.20.224:3622, dst:220.136.48.138:80."
"Oct 11 17:02:16 ","DROP: 001. Drop TCP Packet from WAN, src:220.143.20.224:3622, dst:220.136.48.138:80."
"Oct 11 15:42:44 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.149.171:54443, dst:220.136.48.138:80."
"Oct 11 15:42:38 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.149.171:54443, dst:220.136.48.138:80."
"Oct 11 15:42:35 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.149.171:54443, dst:220.136.48.138:80."
"Oct 11 15:02:05 ","DROP: 001. Drop TCP Packet from WAN, src:119.120.71.42:3513, dst:220.136.48.138:80."
"Oct 11 15:01:59 ","DROP: 001. Drop TCP Packet from WAN, src:119.120.71.42:3513, dst:220.136.48.138:80."
"Oct 11 15:01:56 ","DROP: 001. Drop TCP Packet from WAN, src:119.120.71.42:3513, dst:220.136.48.138:80."
"Oct 11 14:52:38 ","DROP: 001. Drop TCP Packet from WAN, src:199.86.17.72:4711, dst:220.136.48.138:80."
"Oct 11 14:52:32 ","DROP: 001. Drop TCP Packet from WAN, src:199.86.17.72:4712, dst:220.136.48.138:80."
"Oct 11 14:52:29 ","DROP: 001. Drop TCP Packet from WAN, src:199.86.17.72:4711, dst:220.136.48.138:80."
"Oct 11 13:43:00 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.208.94:4702, dst:220.136.48.138:80."
"Oct 11 13:42:36 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.208.94:4702, dst:220.136.48.138:80."
"Oct 11 13:42:24 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.208.94:4702, dst:220.136.48.138:80."
"Oct 11 13:42:18 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.208.94:4702, dst:220.136.48.138:80."
"Oct 11 13:42:15 ","DROP: 001. Drop TCP Packet from WAN, src:58.114.208.94:4702, dst:220.136.48.138:80."
"Oct 11 13:01:44 ","DROP: 001. Drop TCP Packet from WAN, src:220.130.129.91:62445, dst:220.136.48.138:80."
"Oct 11 13:01:38 ","DROP: 001. Drop TCP Packet from WAN, src:220.130.129.91:62445, dst:220.136.48.138:80."

--
Don't just rush through experience and training; whether or not you go through it is like the difference between plain boiled pork and braised pork~~~!
--
※ Origin: 批踢踢實業坊 (ptt.cc) ◆ From: 220.136.40.49

10/16 22:52, , 1F
format..

10/21 16:22, , 2F
The information about being used as a relay is not in the log shown here.

11/08 20:08, , 3F
Have all ten of these PCs been scanned for viruses?

02/10 04:24, , 4F
Try Symantec!
Article ID (AID): #1Cjid7R4 (NetSecurity)
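
An added example, not part of the original thread: a small parser for the DIR-300 log format posted above that tallies entries by type and sets aside anything that is neither an inbound "from WAN" event nor DHCP, which is where LAN-originated traffic would have to appear if this log recorded it. The sample entries are constructed with documentation-range addresses, and `summarize` is a hypothetical helper name.

```python
import re
from collections import Counter

ENTRY = re.compile(r'"([A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) ","([^"]*)"')
ATTACK = re.compile(r'ATTACK Detected: \d+\[([\w-]+)\] attack from WAN \(ip:([\d.]+)\)')
DROP = re.compile(r'DROP: \d+\.\s+Drop TCP Packet from WAN, '
                  r'src:([\d.]+):(\d+), dst:([\d.]+):(\d+)')

# Constructed sample in the post's log format; the addresses are
# documentation-range placeholders, not values from the post.
SAMPLE = '''\
"Oct 14 13:57:48 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:198.51.100.7) detected. Packet dropped."
"Oct 14 13:57:40 ","ATTACK Detected: 001[Xmas] attack from WAN (ip:198.51.100.7) detected. Packet dropped."
"Oct 14 13:55:10 ","ATTACK Detected: 001[SYN-ACK] attack from WAN (ip:203.0.113.1) detected. Packet dropped."
"Oct 14 13:51:34 ","DHCP: Server sending ACK to 192.168.0.50. (Lease time = 604800)"
"Oct 14 13:48:56 ","DROP: 001.
Drop TCP Packet from WAN, src:192.0.2.44:2156, dst:203.0.113.200:80."
"Oct 14 13:48:50 ","DROP: 001. Drop TCP Packet from WAN, src:192.0.2.44:2156, dst:203.0.113.200:80."
'''

def summarize(text):
    """Tally entries by type; collect anything that is not inbound or DHCP."""
    kinds, sources, dst_ports, other = Counter(), Counter(), Counter(), []
    for stamp, msg in ENTRY.findall(text):
        msg = " ".join(msg.split())        # an entry may wrap across lines
        if (m := ATTACK.search(msg)):
            kinds["attack:" + m.group(1)] += 1
            sources[m.group(2)] += 1
        elif (m := DROP.search(msg)):
            kinds["drop"] += 1
            sources[m.group(1)] += 1
            dst_ports[int(m.group(4))] += 1
        elif msg.startswith("DHCP:"):
            kinds["dhcp"] += 1
        else:
            other.append((stamp, msg))     # any LAN-to-WAN record would land here
    return {"kinds": kinds, "sources": sources,
            "dst_ports": dst_ports, "other": other}

if __name__ == "__main__":
    r = summarize(SAMPLE)
    print(dict(r["kinds"]))
    print("top sources:", r["sources"].most_common(3))
    print("dropped inbound dst ports:", dict(r["dst_ports"]))
    print("entries that are neither inbound nor DHCP:", len(r["other"]))
```

An empty `other` list means the log holds only inbound drops and DHCP activity, so it can neither confirm nor rule out mail leaving the LAN.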