DoS attack op router??

[shevchenko13]

ik keek eens naar de logs in me router en zag DoS attack? me pc is tegenwoordig ook meestal op 100% met cpu en de werkgeheugen af en toe.. weet niet of ik een virus te pakken heb. Heb met ad aware gescant maar hij had alleen cookie gevonden.

Hier de log van DoS atttack

[LAN access from remote] from 195.241.179.185:54469 to 10.0.0.23:51791, Sunday, October 10,2010 00:49:44
[DoS Attack: ACK Scan] from source: 195.241.179.185, port 54469, Sunday, October 10,2010 00:49:42
[LAN access from remote] from 195.241.179.185:54469 to 10.0.0.23:51791, Sunday, October 10,2010 00:49:42
[DoS Attack: ACK Scan] from source: 195.241.179.185, port 54469, Sunday, October 10,2010 00:49:41
[LAN access from remote] from 195.241.179.185:54469 to 10.0.0.23:51791, Sunday, October 10,2010 00:49:41
[DoS Attack: ACK Scan] from source: 195.241.179.185, port 54469, Sunday, October 10,2010 00:49:40
[LAN access from remote] from 195.241.179.185:54469 to 10.0.0.23:51791, Sunday, October 10,2010 00:49:40
[DoS Attack: ACK Scan] from source: 195.241.179.185, port 54469, Sunday, October 10,2010 00:49:39
[LAN access from remote] from 195.241.179.185:54469 to 10.0.0.23:51791, Sunday, October 10,2010 00:49:39
[DoS Attack: ACK Scan] from source: 195.241.179.185, port 54469, Sunday, October 10,2010 00:49:38
[LAN access from remote] from 195.241.179.185:54469 to 10.0.0.23:51791, Sunday, October 10,2010 00:49:38
[LAN access from remote] from 87.209.199.198:65429 to 10.0.0.4:65115, Sunday, October 10,2010 00:40:04
[LAN access from remote] from 87.209.199.198:55455 to 10.0.0.23:57054, Sunday, October 10,2010 00:40:04
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:40:03
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:40:03
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:40:03
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:40:03
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:40:03
[UPnP set event: del_nat_rule] from source 10.0.0.5 Sunday, October 10,2010 00:14:33
[UPnP set event: add_nat_rule] from source 10.0.0.5 Sunday, October 10,2010 00:14:32
[DHCP IP: 10.0.0.5] to MAC address 00:13:ce:c0:46:28, Sunday, October 10,2010 00:12:49
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:06:14
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:06:14
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:06:14
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:06:14
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:06:14
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:06:13
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:05:42
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:05:42
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:05:42
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:05:42
[UPnP set event: del_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:05:42
[UPnP set event: add_nat_rule] from source 10.0.0.23 Sunday, October 10,2010 00:05:42
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:55:57
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:55:57
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:55:57
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:55:57
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:55:57
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:55:57
[LAN access from remote] from 82.174.250.113:1072 to 10.0.0.23:54998, Saturday, October 09,2010 23:50:52
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:50:51
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:50:51
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:50:51
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:50:51
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:50:51
[UPnP set event: del_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:36:10
[UPnP set event: add_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:35:19
[UPnP set event: del_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:35:18
[UPnP set event: add_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:35:18
[UPnP set event: del_nat_rule] from source 10.0.0.7 Saturday, October 09,2010 23:31:33
[UPnP set event: add_nat_rule] from source 10.0.0.7 Saturday, October 09,2010 23:31:33
[UPnP set event: del_nat_rule] from source 10.0.0.7 Saturday, October 09,2010 23:31:33
[UPnP set event: add_nat_rule] from source 10.0.0.7 Saturday, October 09,2010 23:31:33
[UPnP set event: del_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:24:55
[UPnP set event: add_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:24:03
[UPnP set event: del_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:24:03
[UPnP set event: add_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:24:03
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:19:55
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:19:55
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:19:55
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:19:55
[LAN access from remote] from 93.125.163.42:55046 to 10.0.0.4:65115, Saturday, October 09,2010 23:13:22
[LAN access from remote] from 93.125.163.42:50157 to 10.0.0.23:51865, Saturday, October 09,2010 23:13:22
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:13:21
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:13:20
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:13:20
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:13:20
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 23:13:20
[LAN access from remote] from 95.7.214.17:4414 to 10.0.0.5:5390, Saturday, October 09,2010 23:06:26
[UPnP set event: add_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:06:25
[UPnP set event: del_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:06:24
[UPnP set event: add_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 23:06:24
[LAN access from remote] from 195.241.179.185:54039 to 10.0.0.4:65115, Saturday, October 09,2010 22:49:28
[LAN access from remote] from 195.241.179.185:54469 to 10.0.0.23:51791, Saturday, October 09,2010 22:49:28
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:49:27
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:49:27
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:49:27
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:49:27
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:49:27
[UPnP set event: del_nat_rule] from source 10.0.0.5 Saturday, October 09,2010 22:39:03
[DHCP IP: 10.0.0.7] to MAC address 00:25:11:22:67:cc, Saturday, October 09,2010 22:38:47
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:30:10
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:30:10
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:30:10
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:30:10
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:30:09
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:30:07
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:14:29
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:14:29
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:14:29
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:14:29
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:14:29
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:14:29
[LAN access from remote] from 77.170.106.148:17194 to 10.0.0.23:51255, Saturday, October 09,2010 22:13:31
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:13:29
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:13:29
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:13:29
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:13:29
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:13:29
[LAN access from remote] from 94.214.115.232:46989 to 10.0.0.23:50337, Saturday, October 09,2010 22:11:47
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:11:46
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:11:46
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:11:46
[UPnP set event: del_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:11:46
[UPnP set event: add_nat_rule] from source 10.0.0.23 Saturday, October 09,2010 22:11:46
[LAN access from remote] from 94.214.114.66:57899 to 10.0.0.4:65115, Saturday,

 

[dnties]

100% cpu-belasting is niet gerelateerd aan DOS attacks op de router

Overigens is de bron van de attacks:
195.241.179.185
welke zich vertaalt in
195-241-179-185.ip.telfort.nl

Je kunt dus die log opsturen naar telfort helpdesk (incl. het precieze tijdstip, maar dan moet wel de tijd goed staan op je router!), en hopelijk neemt zij dan actie tegen deze 'hacker'.

Tijs.

 

[royb3]

en via een iplookup kun je vinden dat het uit Amsterdam afkomstig is

 

[shevchenko13]

bedankt voor de hulp. Ik heb geen telfort abbonoment of ik zit niet eens op die site. Gister ging uit het niets windows media player open die een filmpje afspeelde wat op mij pc bevond vandaar dat ik denk dat er iets niet goed is.