DoS attack fom Berkley.edu???

Questions and Answers : Getting started : DoS attack fom Berkley.edu???

To post messages, you must log in.

AuthorMessage
OWNER

Send message
Joined: 6 May 10
Posts: 1
Credit: 430,390
RAC: 0
United States
Message 1180406 - Posted: 24 Dec 2011, 9:11:52 UTC

from my router logs:

[DoS Attack: ACK Scan] from source: 208.68.240.18, port 80, Saturday, December 24,2011 00:42:29


there are a lot of them and tracert shows:

Tracing route to boinc2.ssl.berkeley.edu [208.68.240.18]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms READYSHARE [192.168.1.1]
2 8 ms 5 ms 7 ms 10.28.0.1
3 53 ms 15 ms 6 ms 72.240.0.207
4 14 ms 15 ms 18 ms cer-edge-17.inet.qwest.net [208.47.34.193]
5 16 ms 14 ms 15 ms chp-brdr-04.inet.qwest.net [67.14.8.234]
6 14 ms 15 ms 15 ms te6-2-10G.ar3.chi2.gblx.net [208.178.58.137]
7 64 ms 78 ms 64 ms Hurrican-Electric-LLC.Port-channel100.ar3.SJC2.gblx.net [64.214.174.246]
8 71 ms 74 ms 74 ms 10gigabitethernet3-2.core1.pao1.he.net [72.52.92.69]
9 66 ms 75 ms 64 ms 64.71.140.42
10 106 ms 116 ms 107 ms 208.68.243.254
11 113 ms 106 ms 108 ms boinc2.ssl.berkeley.edu [208.68.240.18]


ANY IDEAS as to why my router rejects this?

ID: 1180406 · Report as offensive
blakey

Send message
Joined: 24 Dec 11
Posts: 2
Credit: 0
RAC: 0
Canada
Message 1180503 - Posted: 24 Dec 2011, 20:46:26 UTC - in response to Message 1180406.

does this cause any type of outage or you can't connect to a specific site? I've seen the [DoS Attack] come up in my logs and I don't think it's anything major

ID: 1180503 · Report as offensive
blakey

Send message
Joined: 24 Dec 11
Posts: 2
Credit: 0
RAC: 0
Canada
Message 1180505 - Posted: 24 Dec 2011, 20:48:13 UTC - in response to Message 1180406.

I also checked the IP on multiple DNSBLs and it comes up clean (unless it's a brand new threat)..


is not listed in bl.spamcop.net
is not listed in pbl.spamhaus.org
is not listed in cbl.abuseat.org
is not listed in IP.v4BL.org
is not listed in sbl.spamhaus.org
is not listed in xbl.spamhaus.org


source

ID: 1180505 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3654
Credit: 8,589,802
RAC: 1,244
Bulgaria
Message 1180655 - Posted: 25 Dec 2011, 17:13:54 UTC - in response to Message 1180406.

ANY IDEAS as to why my router rejects this?


The SETI@home Servers are:

208.68.240.13 download
208.68.240.16 upload
208.68.240.18 download
208.68.240.20 scheduler

They never contact your computer on their own,
only after your BOINC contacts them they (may) respond.

If the response is too late (connection dropped/timeout at your computer)
your router may think that this too late response is some kind of "attack".





- ALF - "Find out what you don't do well ..... then don't do it!" :)

ID: 1180655 · Report as offensive

Questions and Answers : Getting started : DoS attack fom Berkley.edu???


 
©2016 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.