-
January 19th, 2011, 02:59 PM
#1
Member
Strange network traffic but I dont know how to track it
Hi,
I am getting logs from my router(Netgear) but I dont know what this is or which machine on the network is generating this. Can anyone help me?
UDP Packet - Source:65.255.54.196,58369 Destination:A.B.C.D,27515 - [DOS]
UDP Packet - Source:90.227.16.233,63327 Destination:A.B.C.D,27515 - [DOS]
A.B.C.D = my router ptp address. I run NAT on the network. I have about 10 workstations and I dont want to search each and everyone for spyware, torrent server, virus.
Any help?
Thanks
.....I rather not say....
-
January 19th, 2011, 03:29 PM
#2
I get this type of UDP traffic when users are using a p2p (torrent, skype etc) and\or streaming video.
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
January 20th, 2011, 08:02 PM
#3
Weird?
The first IP is Cable & Wireless - Turks & Caicos Islands and the second is Telia Sonera AB - Sweden.
SANS suggests those ports might be being used by a new Twitter worm.
-
February 25th, 2011, 04:04 PM
#4
Note on morganlefay's comment: Do you allow p2p?
If someone installed a p2p or sharing client, it will go out on port 80 (usually) and advertise itself as participating on the network. Others will try and connect to them, initiating a connection that gets blocked inbound -- looking like a DoS attack. It'll usually look like a ton of attempts from all over the place (like a small DDoS). That's what I've seen on occasion here...
-
February 25th, 2011, 05:32 PM
#5
No...we dont allow P2P...
but we have a consultant that uses skype at times and it behaves just like a p2p client with IPs coming in from all over....
Router blocks it.....it creates alot of logs.....and I am altered right away when some little fooker starts up a p2p client
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
Similar Threads
-
By cheyenne1212 in forum Miscellaneous Security Discussions
Replies: 7
Last Post: February 1st, 2012, 02:51 PM
-
By ThePreacher in forum Miscellaneous Security Discussions
Replies: 17
Last Post: December 14th, 2006, 09:37 PM
-
By NullDevice in forum The Security Tutorials Forum
Replies: 21
Last Post: December 17th, 2003, 10:03 PM
-
By Computernerd22 in forum Network Security Discussions
Replies: 0
Last Post: July 18th, 2003, 04:36 PM
-
By hatebreed2000 in forum AntiOnline's General Chit Chat
Replies: 1
Last Post: March 14th, 2003, 06:36 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|