This ******* @ 216-234-204-87.deploy.akamaitechnologies.com Keeps Slamming my Firewall... Any Sugestions as to How to stuff this *******?
Printable View
This ******* @ 216-234-204-87.deploy.akamaitechnologies.com Keeps Slamming my Firewall... Any Sugestions as to How to stuff this *******?
Yup.Report him to his ISP.You hack him back and you're no better than he is.
What do mean by 'Slamming'? What port is it trying for? Is it TCP, UDP?
Cheers:
What firewall do you use? Have you any server running on your pc? What versions of them have you (ie. are they correctly patched)?
I think we could begin to help you with those infos.
akamaitechnologies streams media ads. everytime you load a page that loads ads off thier servers your going to find this.
you can stop them by adding this line to your hosts file:
127.0.0.1 216-234-204-87.deploy.akamaitechnologies.com
or droping packets from their ip block at the router
Thank You for your Insight on this Matter.
Regards
fantomj104
Make sure that the firewall you are using is updated. That is probably why its does not stop the request ot time it out. You have to keep updating your firewall.
This is the Firewall Info you guys asked for w/o Indepth
Looks Like a Scan Port Attack to me..Keep in mind this has been in Continuation for about 2 Days Thanks for Any and All Info.
Date/Time Source IP Host name SPort DPort
2002/11/07 10:59:06 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1790
2002/11/07 10:59:05 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1789
2002/11/07 10:57:06 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1790
2002/11/07 10:57:05 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1789
2002/11/07 10:55:29 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1790
2002/11/07 10:55:28 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1789
2002/11/07 10:53:54 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1790
2002/11/07 10:53:53 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1789
2002/11/07 09:49:23 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1680
2002/11/07 09:49:22 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1679
2002/11/07 09:49:10 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1668
2002/11/07 09:48:51 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1667
2002/11/07 09:48:50 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1666
2002/11/07 09:48:32 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1699
2002/11/07 09:48:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1698
2002/11/07 09:48:07 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1649
2002/11/07 09:48:07 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1648
2002/11/07 09:47:47 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1680
2002/11/07 09:47:47 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1679
2002/11/07 09:47:34 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1668
2002/11/07 09:47:14 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1667
2002/11/07 09:47:13 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1666
2002/11/07 09:46:55 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1699
2002/11/07 09:46:55 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1698
2002/11/07 09:46:29 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1649
2002/11/07 09:46:28 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1648
2002/11/07 09:46:11 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1680
2002/11/07 09:46:10 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1679
2002/11/07 09:45:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1668
2002/11/07 09:45:39 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1667
2002/11/07 09:45:38 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1666
2002/11/07 09:44:54 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1649
2002/11/07 09:44:53 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1648
2002/11/07 09:29:11 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1490
2002/11/07 09:27:10 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1490
2002/11/07 09:25:34 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1490
2002/11/07 09:23:59 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1490
2002/11/06 17:26:03 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1424
2002/11/06 17:26:03 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1423
2002/11/06 17:24:20 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1400
2002/11/06 17:24:20 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1399
2002/11/06 17:24:04 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1424
2002/11/06 17:24:03 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1423
2002/11/06 17:22:26 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1424
2002/11/06 17:22:26 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1423
2002/11/06 17:22:21 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1400
2002/11/06 17:22:20 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1399
2002/11/06 17:21:08 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1297
2002/11/06 17:21:07 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1296
2002/11/06 17:20:51 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1424
2002/11/06 17:20:51 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1423
2002/11/06 17:20:44 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1400
2002/11/06 17:20:43 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1399
2002/11/06 17:19:08 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1400
2002/11/06 17:19:08 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1399
2002/11/06 17:19:07 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1297
2002/11/06 17:19:07 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1296
2002/11/06 17:17:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1297
2002/11/06 17:17:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1296
2002/11/06 17:15:56 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1297
2002/11/06 17:15:55 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1296
2002/11/06 17:10:11 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1172
2002/11/06 17:10:10 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1171
2002/11/06 17:08:11 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1172
2002/11/06 17:08:10 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1171
2002/11/06 17:06:34 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1172
2002/11/06 17:06:33 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1171
2002/11/06 17:04:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1172
2002/11/06 17:04:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1171
2002/11/06 10:47:41 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1158
2002/11/06 10:45:40 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1158
2002/11/06 10:44:04 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1158
2002/11/06 10:42:29 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1158
2002/11/05 22:07:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1375
2002/11/05 22:07:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1374
2002/11/05 22:07:57 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1373
2002/11/05 22:07:57 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1372
2002/11/05 22:07:31 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1351
2002/11/05 22:07:31 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1350
2002/11/05 22:07:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1349
2002/11/05 22:07:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1348
2002/11/05 22:06:18 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1321
2002/11/05 22:06:18 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1320
2002/11/05 22:06:18 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1319
2002/11/05 22:06:17 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1318
2002/11/05 22:05:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1375
2002/11/05 22:05:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1374
2002/11/05 22:05:58 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1373
2002/11/05 22:05:57 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1372
2002/11/05 22:05:45 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1274
2002/11/05 22:05:42 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1275
2002/11/05 22:05:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1351
2002/11/05 22:05:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1350
2002/11/05 22:05:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1349
2002/11/05 22:05:29 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1348
2002/11/05 22:04:20 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1375
2002/11/05 22:04:20 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1374
2002/11/05 22:04:20 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1373
2002/11/05 22:04:20 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1372
2002/11/05 22:04:16 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1321
2002/11/05 22:04:16 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1320
2002/11/05 22:04:15 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1319
2002/11/05 22:04:15 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1318
2002/11/05 22:03:54 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1351
2002/11/05 22:03:54 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1350
2002/11/05 22:03:54 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1348
2002/11/05 22:03:53 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1349
2002/11/05 22:03:44 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1274
2002/11/05 22:03:41 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1275
2002/11/05 22:02:46 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1375
2002/11/05 22:02:46 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1374
2002/11/05 22:02:46 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1373
2002/11/05 22:02:45 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1372
2002/11/05 22:02:40 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1321
2002/11/05 22:02:40 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1320
2002/11/05 22:02:40 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1319
2002/11/05 22:02:40 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1318
2002/11/05 22:02:18 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1351
2002/11/05 22:02:18 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1350
2002/11/05 22:02:17 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1349
2002/11/05 22:02:17 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1348
2002/11/05 22:02:08 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1274
2002/11/05 22:02:05 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1275
2002/11/05 22:01:04 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1321
2002/11/05 22:01:04 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1320
2002/11/05 22:01:03 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1319
2002/11/05 22:01:03 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1318
2002/11/05 22:00:34 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1274
2002/11/05 22:00:30 216.234.204.87 216-234-204-87.deploy.akamaitechnologies.com 80 1275
This may sound 'stupid'; but I will say it anyway.
I have seen similar situations when users go to MSN.com
(akamaitechnologies immediately pops up on the router)
Now the stupid part. Are you running MSN messenger ?
(it keeps a connection open to MSN thusly akamaitech)
If so.....try turning off MSN messenger; and see what happens
Also have you run Ad-Aware ? See if you have some damned
ad pop up software running the background.
Ive seen this host before......
it usually pops up when if im connected to yahoo or msn chat.....
When you kill the browser that is connected to the chat, 127.0.0.1 216-234-204-87.deploy.akamaitechnologies.com dissapears. Also the security that this host has is impressive...at first i thought it was a honey pot, but i figured out that it only pops up when im in those commercial java chats. Theres nothing you can do about it xcept not going to yahoo and msn chat.
Weird thing is that its not always there when connected to the mentioned chats, could be some sort of "big brother" or so. Report it to your ISP and see what they make out of it. Let them get the information who or what that host is.
I also recomend not to try anything "dumb" to that host, like i said its got a very tight security, and im sure they have advanced monitoring software running.
Good luck
The others are exactly right...
the reason you could most likely tell that it is not a port scan is that the destination port is always greater than 1024. Now certainly a port scan can do this, but IMHO is not likely because it would have to be specified manually. Also, the fact that the SPORT is 80 definately is indicative of a messenger-like connection. These packets are most likely keepalives or responses back to your machine from whatever server you may be connected to.
It is possible to analyze this in much more depth if you really wanted to find out what is going on and you are willing to put a bit more effort into it. You can start by getting a sniffer trace of the traffic. First look into the TCP header and try to find out what type of packet this is. I would guess that the SYN and ACK bits would be set, of course making it a SYN-ACK packet and usually a response to a connection you initiated with an initial SYN packet. Furthermore, if this is using port 80, it is more than likely not encrypted, which means you can look into the payload of the packets and reconstruct the session to find out exactly what is being sent.
Of course this is a very high-level description, but it may be enough to get you started. Since I am oviously not in front of your machine, I can't say for sure what is going on, so I have made many assumptions. However, I would be more than happy to help you figure it out if you really want to. Send me an email with a sniffer trace or just ask any questions you might have.
OK... I think I have your solution. I had a similar problem as you about 2 weeks ago and after minimal research found out why my firewall was getting raped. You really have nothing to worry about. akamaitechnologies.com is the pimp for many big sites like yahoo, cnn, etc. If you dont believe me just go to yahoo.com and do a netstat. Also after a little searching I found that zonealarm has some serious issues with akamaitechnologies.com, it keeps logging connection atempts long after the connection is dropped, that wouldnt happen to be you firewall would it??? They are currently working on the issue, but like i mentioned before you really have nothing to worry about. Like you when i first noticed my box getting lots of hits from these guys i was paranoid but i hope this post lets you sleep easier