XtremeSystems Forums

Go Back   XtremeSystems Forums > Software > Security & Networking
Reload this Page Someone's been attacking my ports all week
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Rate Thread Display Modes
Old 02-18-2007, 03:37 AM   #1
Judaeus Apella
Xtreme Addict
 
Judaeus Apella's Avatar
 
Join Date: Nov 2004
Location: Richmond VA. US
Posts: 1,521
Send a message via ICQ to Judaeus Apella Send a message via AIM to Judaeus Apella Send a message via MSN to Judaeus Apella Send a message via Yahoo to Judaeus Apella
Angry Someone's been attacking my ports all week
This guy has been attacking my ports for a week now, about 5 to 10 times a night. I'm getting REALLY tired of it.

I backtraced him and got his info:

OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US

NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
NetName: IANA-CBLK1
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate: 1994-03-15
Updated: 2002-09-16

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org

# ARIN WHOIS database, last updated 2007-02-17 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

-------------------------

Am I supposed to call that "OrgAbusePhone" number to report the guy? Or will it not really do much good? How can I get this guy to stop?
__________________
Reality is merely an illusion, albeit a very persistent one. - Albert Einstein

True wisdom is the ability to see past the limitations of knowledge. Insanity is knowing too much, and sanity is knowing too much about nothing important.
Judaeus Apella is offline   Reply With Quote
Old 02-18-2007, 04:23 AM   #2
Marvin_The_Martian
Banned
 
Join Date: Feb 2006
Location: Hhw
Posts: 4,116
Quote:
Originally Posted by Judaeus Apella
This guy has been attacking my ports for a week now, about 5 to 10 times a night. I'm getting REALLY tired of it.

I backtraced him and got his info:

OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US

NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
NetName: IANA-CBLK1
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate: 1994-03-15
Updated: 2002-09-16

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org

# ARIN WHOIS database, last updated 2007-02-17 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

-------------------------

Am I supposed to call that "OrgAbusePhone" number to report the guy? Or will it not really do much good? How can I get this guy to stop?
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16

That range is reserved for local networks, so if you're getting scanned from there it's no by someone else it's because you probably haven't set up your fw to allow local network traffic ( or atleast not allert you when something on your local network is trying to acces your computer. )

Had the same thing happen to me, thought wth but turned out to be my router trying to forward ports.
Marvin_The_Martian is offline   Reply With Quote
Old 02-18-2007, 04:27 AM   #3
Judaeus Apella
Xtreme Addict
 
Judaeus Apella's Avatar
 
Join Date: Nov 2004
Location: Richmond VA. US
Posts: 1,521
Send a message via ICQ to Judaeus Apella Send a message via AIM to Judaeus Apella Send a message via MSN to Judaeus Apella Send a message via Yahoo to Judaeus Apella
Um... do you know how to fix it?
__________________
Reality is merely an illusion, albeit a very persistent one. - Albert Einstein

True wisdom is the ability to see past the limitations of knowledge. Insanity is knowing too much, and sanity is knowing too much about nothing important.
Judaeus Apella is offline   Reply With Quote
Old 02-18-2007, 04:41 AM   #4
grudgelord
Xtreme Member
 
grudgelord's Avatar
 
Join Date: Jan 2007
Location: The United Hegemony of Fear
Posts: 170
Quote:
Originally Posted by MartianInvader
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16

That range is reserved for local networks, so if you're getting scanned from there it's no by someone else it's because you probably haven't set up your fw to allow local network traffic ( or atleast not allert you when something on your local network is trying to acces your computer. )

Had the same thing happen to me, thought wth but turned out to be my router trying to forward ports.
MartianInvader is quite correct. This range is specifically reserved by IANA for private use only. IPs in this range are unreachable from outside your network under normal circumstances. So unless you have a family member or roomate who finds it interesting to run scans on your LAN I seriously doubt anyone is trying to hammer you.

If you could let us know what ports are being pounded we might be able to take a shot at figuring out what's going on with your router and how to fix it.
__________________
Look at the tyranny of party--at what is called party allegiance, party loyalty--a snare invented by designing men for selfish purposes--and which turns voters into chattles, slaves, rabbits, and all the while their masters, and they themselves are shouting rubbish about liberty, independence, freedom of opinion, freedom of speech, honestly unconscious of the fantastic contradiction; and forgetting or ignoring that their fathers and the churches shouted the same blasphemies a generation earlier when they were closing their doors against the hunted slave, beating his handful of humane defenders with Bible texts and billies, and pocketing the insults and licking the shoes of his Southern master.
--Mark Twain, The Character of Man

Quote:
Originally Posted by nn_step View Post
One would think your sense of freedom and liberty would not become more narrow as time goes along. Like the frog in the pot that is slowly boiling, just because it isn't instantly hot doesn't mean you wont cook alive...
grudgelord is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes Rate This Thread
Linear Mode Linear Mode
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -8. The time now is 02:23 PM.
Contact Us - XtremeSystems Inc - Archive - Top

Powered by vBulletin® Version 3.7.6
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
XtremeSystems