dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
23473
share rss forum feed


vcarta

@mchsi.com

TCP Fin Scan, SYN Flood

i was just looking through my router security log, and i found that i keep getting these TCP Fin Scan and SYN Flood to Host messages. My Macbook keeps on getting thrown off my network, and so does another computer that uses a wireless USB adapter. I'm using a relatively new Belkin router.

12/24/2008 22:53:32 **TCP FIN Scan** 192.168.1.6, 57226->> 74.125.77.147, 80 (from WAN Outbound)
12/24/2008 22:53:32 **TCP FIN Scan** 192.168.1.6, 57324->> 72.167.131.38, 80 (from WAN Outbound)
12/24/2008 22:53:32 **TCP FIN Scan** 192.168.1.6, 57307->> 205.234.175.175, 80 (from WAN Outbound)
12/24/2008 22:53:32 **TCP FIN Scan** 192.168.1.6, 57224->> 72.14.221.191, 80 (from WAN Outbound)
12/24/2008 22:45:11 **SYN Flood to Host** 192.168.1.6, 57009->> 208.179.31.51, 80 (from WAN Outbound)
12/24/2008 22:43:33 **SYN Flood to Host** 192.168.1.6, 56772->> 74.54.159.167, 80 (from WAN Outbound)
12/24/2008 22:38:16 **SYN Flood to Host** 192.168.1.6, 56302->> 12.183.124.33, 80 (from WAN Outbound)
12/24/2008 22:36:23 **SYN Flood to Host** 192.168.1.6, 55757->> 12.183.124.31, 80 (from WAN Outbound)
12/24/2008 22:35:06 **TCP FIN Scan** 192.168.1.6, 53172->> 207.211.65.18, 80 (from WAN Outbound)
12/24/2008 22:35:06 **TCP FIN Scan** 192.168.1.6, 53624->> 128.242.191.58, 80 (from WAN Outbound)
12/24/2008 22:35:06 **TCP FIN Scan** 192.168.1.6, 54705->> 209.123.109.176, 80 (from WAN Outbound)
12/24/2008 22:35:06 **TCP FIN Scan** 192.168.1.6, 55253->> 139.72.40.50, 80 (from WAN Outbound)
12/24/2008 22:11:34 **SYN Flood to Host** 192.168.1.6, 54366->> 66.228.118.51, 80 (from WAN Outbound)
12/24/2008 22:03:26 **SYN Flood to Host** 192.168.1.6, 53791->> 66.249.17.251, 80 (from WAN Outbound)
12/24/2008 14:08:20 **TCP FIN Scan** 192.168.1.6, 61746->> 91.189.94.12, 80 (from WAN Outbound)
12/24/2008 14:03:00 **TCP FIN Scan** 192.168.1.6, 61769->> 66.161.92.215, 80 (from WAN Outbound)
12/24/2008 14:03:00 **TCP FIN Scan** 192.168.1.6, 62386->> 70.97.122.153, 80 (from WAN Outbound)
12/24/2008 14:03:00 **TCP FIN Scan** 192.168.1.6, 50173->> 66.230.207.59, 80 (from WAN Outbound)
12/24/2008 14:03:00 **TCP FIN Scan** 192.168.1.6, 64820->> 205.234.225.81, 80 (from WAN Outbound)
12/24/2008 14:03:00 **TCP FIN Scan** 192.168.1.6, 62188->> 67.228.13.170, 80 (from WAN Outbound)
12/24/2008 14:03:00 **TCP FIN Scan** 192.168.1.6, 61748->> 91.189.94.12, 80 (from WAN Outbound)
12/24/2008 13:50:18 **TCP FIN Scan** 140.211.166.65, 80->> 192.168.1.6, 50231 (from WAN Inbound)
12/24/2008 13:44:46 **SYN Flood to Host** 192.168.1.6, 49798->> 64.156.132.215, 80 (from WAN Outbound)
12/24/2008 13:25:06 **SYN Flood to Host** 192.168.1.6, 49220->> 64.156.132.215, 80 (from WAN Outbound)
12/24/2008 12:58:28 **SYN Flood to Host** 192.168.1.6, 64057->> 72.233.69.4, 80 (from WAN Outbound)

1.6 is my Macbook. I downloaded a bittorrent client to get a movie that i bought last year and lost it. Any help is appreciated.



vcarta

@mchsi.com

i also forgot to add that i no longer have the bittorrent client, and i haven't used it since that time. i thought what i did was legal since i already bought it before. is someone trying to stop my connection or something?


SipSizzurp
Fo' Shizzle
Premium
join:2005-12-28
Houston, TX
kudos:4
reply to vcarta

Your logs do not indicate any malicious or nefarious activity. Your outbound connections are associated with your web browsing. Paste the outbound destination IP addresses into yer browser and they open up the websites you have been visiting lately. The one inbound connection you show is from Oregon university and could easily be a result of old torrent traffic or it could be from one of the few billion bots that are constantly scanning the net for a warm place to spawn.

You should investigate your wireless problems in the wireless forum. Belkin wireless routers for example are typically buggy and you will find almost nobody that will recommend them. USB wireless adaptors can be problematic for several reasons, and MAC computers in general are impossible to trouble shoot.
Merry Xmas !
--
I spent most of my money on Women and Beer, and the rest I just wasted !