Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




50 posts

Geek


Topic # 51074 27-Nov-2009 00:56 Send private message

As we head into School holidays, might be a good idea to check out your DSL router security:

Especially if you are using:

Linksys (x30 models)
Netgear (x10 models)

As well as about 15 other models of cable and DSL modems, as there is a new type of virus that focusses in on attacking your DSL router rather than the PC.

Meaning that the router can then do and control all sorts of nasty things to you.

For more info:
http://www.adslgeek.com/blog/?p=3225


Some dude was seeing the following, and it is only going to get worse as we go into School holidays:



Quote:
2009/11/25 11:30:24 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1243 
2009/11/25 11:30:24 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1243 
2009/11/25 11:30:29 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1243 
2009/11/25 11:30:29 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1243 
2009/11/25 12:55:04 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1999 
2009/11/25 12:55:04 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1999 
2009/11/25 12:55:09 Trojan Scan <TCP> Source IP:202.180.64.10 Port:53 Dest IP: Port:1999 
2009/11/25 12:55:09 Trojan Scan <TCP> Source IP:202.180.64.11 Port:53 Dest IP: Port:1999 
2009/11/26 06:52:11 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 
2009/11/26 06:52:14 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 
2009/11/26 06:52:17 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 
2009/11/26 06:52:20 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 
2009/11/26 06:52:26 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 
2009/11/26 06:52:38 Trojan Scan <TCP> Source IP:202.89.36.226 Port:80 Dest IP: Port:1243 
2009/11/26 12:09:42 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 
2009/11/26 12:09:45 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 
2009/11/26 12:09:46 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 
2009/11/26 12:09:51 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 
2009/11/26 12:09:52 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 
2009/11/26 12:10:02 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 
2009/11/26 12:10:23 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999 
2009/11/26 12:11:07 Trojan Scan <TCP> Source IP:119.224.143.10 Port:80 Dest IP: Port:1999



Create new topic
1198 posts

Uber Geek
+1 received by user: 50


  Reply # 276722 27-Nov-2009 01:44 Send private message

Might be worth noting that those IPs all seem to be in use by the ISPs themselves (rather than being allocated to DSL/dialup/etc customers).

202.89.36.226 => authent2.tranzpeer.net
119.224.143.10 => Akamai cache (that I'm currently downloading from)

However, I do find this one rather amusing:
202.89.36.226 (and, yes, it does seem to have the correct RDNS entry.)




rm *
Want to upgrade your ISP? Get $20 credit when you try Bigpipe via this link.


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

True Key by Intel Security adopts Windows Hello
Posted 7-Dec-2016 20:36


Spark moves to 200Gbps wavelength milestone
Posted 7-Dec-2016 16:00


Xero adds Apple Pay
Posted 7-Dec-2016 11:28


Review new Apple MacBook Pro 2016 (13-inch)
Posted 6-Dec-2016 10:08


50Mbps the new fibre normal
Posted 6-Dec-2016 07:02


Microsoft and Netsafe issue fresh warning about scammers
Posted 5-Dec-2016 19:21



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.