Thanks all.
Mods you can delete this now
Thanks all.
Mods you can delete this now
Last edited by AledJ; 24-10-2010 at 08:26 PM.
Been on Facebook much? (the 3 random outbound addresses I nslookup'd were Facebook hosts)
The inbound ones are indeed most likely scans, don't sweat them too much - if you're connected to the internet then it's going to happen, and is a good reason to not put your machine in a DMZ. As for if the port is open... the screenshot suggests not, but it's probably worth testing with an online portscanner.
Finally I wouldn't worry too much about posting your LAN ip address - it's not going to give anyone access to your machine unless they're on your LAN
AledJ (23-10-2010)
the outbound ones are someone on your network browsing websites... i.e. 69.63.190.22 is facebook
the inbound ones look like scans. You don't really need to hash out your 192 IP's since they're private.
Doesn't your router support NAT & uPnP for the Xbox?
Out of interest why the rules for inbound DNS?
The translation of the logs is: "your sister is doing a lot of facebooking. go to sleep."
If you to post to hexus to query every "hack attack" or warning that your router shows, then you will die of either old age, a heart attack, blood loss from bleeding fingers after 24/7/365 typing, or malnutrition.
http://www.canyouseeme.org/
The "FIN scans" are probably all false positives as a result of you browsing sites and closing lots of TCP connections. Most scans nowadays are straightforward connect attempts.
Last edited by smargh; 23-10-2010 at 11:22 PM.
Ok, why exactly did you redacte all the private ip addresses? a 192.168.0.0/16 address is not addressable from the internet (which is kind of the point of them).
(\__/) All I wanted in the end was world domination and a whole lot of money to spend. - NMA
(='.*=)
(")_(*)
Been pretty much covered - yor NAT firewall is blocking all inbund connections - and passing all outbound one from your private 192.168.xxx.yyy addresses. My guess is that xxx is 0 or 1 (like 95% of all LANS). These are not addressable externally, and are not routable by internet routers.
All ADSL/Internet connections are scanned. I have port 22 open for remote secure login - on a good day I get less than 500 attempts to connect to the server - on a bad day, it can be 50,000 or more. Hence if you DO open any ports (the most common being 80, for http traffic) it is essential that you have other security measures in place to protect the server from malicious attack,and that you pay particular attention to the server application configuration.
But to sum up - sleep easy (apart from wondering exactly what your sister is doing on FB! )
(\__/)
(='.'=)
(")_(")
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
There are currently 1 users browsing this thread. (0 members and 1 guests)