Results 1 to 4 of 4

Thread: Read my logs!

  1. February 11th, 2004, 07:05 AM #1
    Computernerd22
    Computernerd22 is offline
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795

    Question Read my logs!

    I am having a little promblem understanding my logs from my ADSL router + firewall. None of these are my IP addressese or my physical addresses. I check my logs daily but I dont remember seeing 'spoof attack from,'

    Feb/10/2004 13:00:50 DHCP lease IP 192.168.1.100 to windows-jzttzou 00-0C-41-24-86-59
    Feb/10/2004 13:00:50 Target IP(255.255.255.255), Target Port(67) Packet Dropped
    Feb/10/2004 13:00:50 Spoof IP(0.0.0.0), Spoof Port(68)
    Feb/10/2004 13:00:50 Spoof Attack fromd MAC(00-0C-41-14-86-59) Detect,
    Feb/10/2004 12:59:39 DHCP lease IP 192.168.1.100 to windows-jzttzou 00-0C-41-24-86-59
    Feb/10/2004 12:59:39 Target IP(255.255.255.255), Target Port(67) Packet Dropped
    Feb/10/2004 12:59:39 Spoof IP(0.0.0.0), Spoof Port(68)
    Feb/10/2004 12:59:39 Spoof Attack fromd MAC(00-0C-41-24-86-59) Detect,
    Feb/10/2004 12:58:34 DHCP lease IP 192.168.1.100 to windows-jxttzou 00-0C-41-24-86-59
    Feb/10/2004 12:48:13 DHCP Request success
    Feb/10/2004 12:47:44 Spoof IP(0.0.0.0), Spoof Port(68)
    Feb/10/2004 12:47:44 Spoof Attack from MAC(00-04-5A-7E-F0-06) Detect    ,
    Feb/10/2004 12:47:40 DHCP Discover
    Feb/10/2004 12:47:24 DHCP Discover
    Feb/10/2004 12:47:15 DHCP Discover
    Feb/10/2004 12:47:10 System started

    Do you think any security has been breached? Please dont tell me get I got hacked. All help is greatly appreciated. Thank you Computernerd22
    Reply With Quote Reply With Quote
  2. February 11th, 2004, 07:08 AM #2
    cheyenne1212
    cheyenne1212 is offline
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    I wouldn't really worry to much about it, however though I would keep an eye on the spoofing part.

    Are there any other computers in your LAN?

    the 255.255.255.255 is a broadcast over the network I belive which is used by computers when looking for a DHCP server.
    =
    Reply With Quote Reply With Quote
  3. February 11th, 2004, 07:17 AM #3
    Computernerd22
    Computernerd22 is offline
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    I wouldn't really worry to much about it, however though I would keep an eye on the spoofing part.
    I have two computers total. Connection is ADSL external modem Linksys DSL ethernet broadband router with built in firewall then firewalls on each other PC aswell. My files harddrives everything is secure so if anyone was even to 'get in' they couldnt steal nothing. Do you think I was breached? Thanks for the reply.
    Reply With Quote Reply With Quote
  4. February 11th, 2004, 07:26 AM #4
    cheyenne1212
    cheyenne1212 is offline
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    No more than Likely, I think it was your second computer looking for a DHCP server.

    I think it might be a false positive.
    =
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules