Help understanding DOS attacks...

N

nasa

Well-Known Member
Joined
Apr 30, 2009
Messages
266
Reaction score
1
Location
Cape Town
Hi,

Im getting these on my router log:

Mon, 2011-08-01 16:03:23 - UDP Packet - Source:220.156.202.128,3659 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - UDP Packet - Source:81.57.41.252,3659 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - UDP Packet - Source:219.161.137.232,60122 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - UDP Packet - Source:62.47.238.92,3659 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - UDP Packet - Source:219.161.137.232,60122 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - UDP Packet - Source:62.47.238.92,3659 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - UDP Packet - Source:219.161.137.232,60122 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - UDP Packet - Source:62.47.238.92,3659 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:24 - unexpected reply: 530 5.7.0 Must issue a STARTTLS command first. fp3sm4203595wbb.47
Mon, 2011-08-01 16:03:25 - UDP Packet - Source:81.57.41.252,3659 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:25 - UDP Packet - Source:219.161.137.232,60122 Destination:41.135.138.9,3659 - [DOS]
Mon, 2011-08-01 16:03:25 - UDP Packet - Source:62.47.238.92,3659 Destination:41.135.138.9,3659 - [DOS]
Click to expand...


Anyone know what this means?
 
I wouldn't call 8 UDP packets a second a DOS attack.
 
biometrics said:
I wouldn't call 8 UDP packets a second a DOS attack.
Click to expand...

Thanks. I don't really know what a UDP packet is so I don't understand how the packets per second works.

I did a whois from the source ip's and they originate from Austria and Japan... Could this have something to do with playing multiplayer on PS3?
 
As an example.... Burnout Paradise on the PS3 uses TCP/UDP on port 3659...
 
Last edited:
nasa said:
Thanks. I don't really know what a UDP packet is so I don't understand how the packets per second works.

I did a whois from the source ip's and they originate from Austria and Japan... Could this have something to do with playing multiplayer on PS3?
Click to expand...

Many programs use UDP instead of TCP. Games especially... Skype as well.
 
UDP packets are mainly used in real time communication applications, such as games and VOIP. UDP does not support re-sending of a corrupted packet. DOS attacks will send millions of packets, so if your router log is just an endless list of "DOS" messages, then start to worry. If you have a non-static IP account just restart your router, you should connect with a new IP. DOS attacks are automated so a different IP should solve the issue.
 
thanks for the advice.

Its very weird I got another set of DOS'ed UDP packets and the whois gave me peoples names and emails in Cape Town and JHB all with @mweb.com email addresses... It was all on port 53 which is the DNS port apparently.

Just to understand, what does this mean that these IPs were given DOS as incoming traffic?
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X