Toon posts:

**TCP-SYN with data**

Pagina: 1
Acties:

Vraag

zondag 29 januari 2017 01:01

Acties:
  • 0 Henk 'm!
  • Requa
  • Registratie: Augustus 2014
  • Niet online

Requa

Topicstarter
Mijn vraag:
De laatste tijd krijg ik telkens, en steeds meer meldingen van **TCP-SYN with data** met allemaal poortnummers en IP-nummers waar ik niet vanaf kom.

Relevante software en hardware die ik gebruik:
KPN Alles-in-een-Standaard met 60/6 en momenteel een Arcadyan VGV7519 draaien waarop WiFi is uitgeschakeld, en het WiFi gedeelte via een accespoint loopt.

Wat ik al gevonden of geprobeerd heb:
Heb even snel google gebruikt, maar niet wijzer geworden dan dat een 'hacker' mij probeert aan te vallen, wat me nogal sterk lijkt (hoop ik, dan)? :?

Loggegevens:
code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179

01/29/2017  00:33:55 192.168.2.200 login success
01/29/2017  00:33:55 User from 192.168.2.200 timed out
01/29/2017  00:33:23 **TCP-SYN with data** 192.168.2.211, 51667->> 17.252.43.246, 443 (from LAN Inbound)
01/29/2017  00:26:07 sending ACK to 192.168.2.211
01/29/2017  00:26:05 sending ACK to 192.168.2.211
01/29/2017  00:22:39 **TCP-SYN with data** 192.168.2.200, 50173->> 17.252.43.246, 443 (from LAN Inbound)
01/29/2017  00:21:46 192.168.2.200 login success
01/29/2017  00:21:34 sending ACK to 192.168.2.200
01/28/2017  23:01:41 sending ACK to 192.168.2.203
01/28/2017  22:46:41 sending ACK to 192.168.2.202
01/28/2017  22:41:41 sending ACK to 192.168.2.205
01/28/2017  22:41:39 NTP Date/Time updated.    
01/28/2017  22:41:32 Get system time from NTP server:95.211.224.12.
01/28/2017  22:41:00 TR069:Session end.        
01/28/2017  22:41:00 TR069:Received InformResponse
01/28/2017  22:40:58 TR069:Sending 2 PERIODIC inform.
01/28/2017  21:45:12 **TCP-SYN with data** 192.168.2.212, 50728->> 17.252.43.246, 443 (from LAN Inbound)
01/28/2017  21:37:43 sending ACK to 192.168.2.207
01/28/2017  21:37:42 sending OFFER to 192.168.2.207
01/28/2017  21:33:02 **UDP Loop** 185.94.111.1, 47040->> 80.60.2x.xx, 19 (from PPPoE1 Inbound)
01/28/2017  21:04:28 A4:C3:61:7B:A9:39 released
01/28/2017  17:53:41 **TCP-SYN with data** 209.133.214.215, 42270->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 209.133.214.214, 14719->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 209.133.214.211, 18326->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 162.254.151.22, 21490->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 162.254.151.19, 41663->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 162.252.86.86, 18187->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 162.252.86.84, 48312->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 162.252.86.83, 61964->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 104.156.63.21, 50933->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 104.156.63.24, 56357->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:41 **TCP-SYN with data** 162.216.7.27, 10472->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:39 **TCP-SYN with data** 23.111.146.90, 57747->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:39 **TCP-SYN with data** 23.111.146.82, 12520->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:39 **TCP-SYN with data** 23.111.137.83, 23526->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:39 **TCP-SYN with data** 23.111.137.82, 21639->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:39 **TCP-SYN with data** 23.111.136.83, 19563->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:53:39 **TCP-SYN with data** 23.111.136.82, 13211->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  17:12:30 sending ACK to 192.168.2.212
01/28/2017  17:06:34 **TCP-SYN with data** 192.168.2.205, 62583->> 17.252.43.246, 443 (from LAN Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 209.133.214.215, 20357->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 209.133.214.214, 64208->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 209.133.214.211, 18872->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 162.254.151.22, 52187->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 162.254.151.19, 62516->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 162.252.86.86, 44743->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 162.252.86.84, 1027->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 104.156.63.21, 55128->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 162.252.86.83, 55377->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 104.156.63.24, 56759->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 162.216.7.27, 56317->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:50 **TCP-SYN with data** 23.111.146.90, 19688->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:48 **TCP-SYN with data** 23.111.146.82, 25525->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:48 **TCP-SYN with data** 23.111.137.83, 26758->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:48 **TCP-SYN with data** 23.111.137.82, 7145->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:48 **TCP-SYN with data** 23.111.136.83, 6544->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  15:38:48 **TCP-SYN with data** 23.111.136.82, 32879->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:25 **TCP-SYN with data** 209.133.214.215, 13323->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:25 **TCP-SYN with data** 209.133.214.214, 4714->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:25 **TCP-SYN with data** 209.133.214.211, 60593->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:25 **TCP-SYN with data** 162.254.151.22, 34750->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:25 **TCP-SYN with data** 162.254.151.19, 34764->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:25 **TCP-SYN with data** 162.252.86.86, 26084->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:25 **TCP-SYN with data** 162.252.86.84, 7376->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:24 **TCP-SYN with data** 162.252.86.83, 31206->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:24 **TCP-SYN with data** 104.156.63.24, 49554->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:24 **TCP-SYN with data** 162.216.7.27, 8545->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:23 **TCP-SYN with data** 104.156.63.21, 19945->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:22 **TCP-SYN with data** 23.111.146.90, 23951->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:22 **TCP-SYN with data** 23.111.146.82, 38390->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:22 **TCP-SYN with data** 23.111.137.83, 56481->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:22 **TCP-SYN with data** 23.111.137.82, 19411->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:22 **TCP-SYN with data** 23.111.136.83, 35172->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:37:22 **TCP-SYN with data** 23.111.136.82, 50406->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  13:21:38 DHCP Client: [ATM3]Receive Ack from 10.164.32.1,Lease time=86400
01/28/2017  13:21:38 DHCP Client: [ATM3]Send Request, Request IP=10.164.55.189
01/28/2017  11:36:25 **TCP-SYN with data** 209.133.214.215, 24422->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 209.133.214.214, 46825->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 209.133.214.211, 35568->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 162.254.151.22, 63926->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 162.254.151.19, 3199->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 162.252.86.86, 23607->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 162.252.86.84, 35921->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 162.252.86.83, 56813->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:25 **TCP-SYN with data** 162.216.7.27, 62263->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 104.156.63.21, 43838->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 104.156.63.24, 33818->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 23.111.146.90, 19660->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 23.111.146.82, 11853->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 23.111.137.83, 12232->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 23.111.137.82, 46022->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 23.111.136.83, 16843->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  11:36:23 **TCP-SYN with data** 23.111.136.82, 27696->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 209.133.214.215, 64758->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 209.133.214.214, 28621->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 209.133.214.211, 42447->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 162.254.151.22, 10028->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 162.254.151.19, 9263->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 162.252.86.86, 50169->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 162.252.86.84, 16291->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:18 **TCP-SYN with data** 162.252.86.83, 6897->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 104.156.63.21, 32319->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 104.156.63.24, 61239->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 162.216.7.27, 53557->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 23.111.146.90, 2437->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 23.111.146.82, 41085->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 23.111.137.83, 37337->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 23.111.137.82, 38511->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:16 **TCP-SYN with data** 23.111.136.83, 48194->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:35:15 **TCP-SYN with data** 23.111.136.82, 7127->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  09:24:10 **TCP-SYN with data** 192.168.2.212, 49518->> 17.252.43.246, 443 (from LAN Inbound)
01/28/2017  09:06:35 **TCP-SYN with data** 192.168.2.212, 49452->> 17.252.43.246, 443 (from LAN Inbound)
01/28/2017  07:41:01 **UDP Loop** 184.105.139.69, 60159->> 80.60.2x.xx, 19 (from PPPoE1 Inbound)
01/28/2017  07:34:15 **TCP-SYN with data** 209.133.214.215, 45302->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:15 **TCP-SYN with data** 209.133.214.214, 65358->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:15 **TCP-SYN with data** 209.133.214.211, 61248->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:15 **TCP-SYN with data** 162.254.151.22, 48699->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:15 **TCP-SYN with data** 162.254.151.19, 42434->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:15 **TCP-SYN with data** 162.252.86.86, 49040->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 162.252.86.84, 29921->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 162.252.86.83, 45979->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 104.156.63.24, 31034->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 104.156.63.21, 32579->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 162.216.7.27, 19160->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 23.111.146.90, 6563->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 23.111.146.82, 36857->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 23.111.137.83, 50247->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 23.111.137.82, 24791->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 23.111.136.83, 14078->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:34:13 **TCP-SYN with data** 23.111.136.82, 61978->> 80.60.2x.xx, 33434 (from PPPoE1 Inbound)
01/28/2017  07:31:17 **TCP-SYN with data** 192.168.2.211, 49413->> 17.252.43.246, 443 (from LAN Inbound)
01/28/2017  07:30:35 sending ACK to 192.168.2.211
01/28/2017  07:04:13 sending ACK to 192.168.2.211
01/28/2017  05:30:12 **TCP-SYN with data** 192.168.2.205, 59463->> 17.252.43.246, 443 (from LAN Inbound)
01/28/2017  03:31:15 sending ACK to 192.168.2.211
01/28/2017  03:17:04 sending ACK to 192.168.2.212
01/28/2017  03:17:03 sending ACK to 192.168.2.212
01/28/2017  03:06:40 DHCP Client: [ATM3]Receive Ack from 10.164.32.1,Lease time=73796
01/28/2017  03:06:39 DHCP Client: [ATM3]Send Request, Request IP=10.164.55.189
01/28/2017  02:21:54 sending ACK to 192.168.2.211
01/28/2017  01:46:16 sending ACK to 192.168.2.211
01/28/2017  00:25:57 sending ACK to 192.168.2.212
01/28/2017  00:23:53 sending ACK to 192.168.2.205
01/28/2017  00:22:22 sending ACK to 192.168.2.211
01/28/2017  00:21:07 sending ACK to 192.168.2.205
01/28/2017  00:20:44 sending ACK to 192.168.2.205
01/28/2017  00:20:31 sending ACK to 192.168.2.205
01/27/2017  23:34:29 sending ACK to 192.168.2.205
01/27/2017  23:30:13 sending ACK to 192.168.2.205
01/27/2017  23:30:11 sending ACK to 192.168.2.205
01/27/2017  23:30:10 sending ACK to 192.168.2.205
01/27/2017  23:29:38 sending ACK to 192.168.2.205
01/27/2017  23:28:13 sending ACK to 192.168.2.212
01/27/2017  23:28:09 sending ACK to 192.168.2.205
01/27/2017  23:25:39 sending ACK to 192.168.2.205
01/27/2017  23:25:39 sending ACK to 192.168.2.205
01/27/2017  23:24:56 sending ACK to 192.168.2.212
01/27/2017  23:12:39 sending ACK to 192.168.2.205
01/27/2017  23:06:12 sending ACK to 192.168.2.205
01/27/2017  23:04:42 sending ACK to 192.168.2.205
01/27/2017  23:01:41 sending ACK to 192.168.2.203
01/27/2017  22:46:41 sending ACK to 192.168.2.202
01/27/2017  22:41:32 NTP Date/Time updated.    
01/27/2017  22:41:25 Get system time from NTP server:213.75.85.246.
01/27/2017  22:36:36 DHCP Client: [ATM3]Could not find DHCP daemon to get information
01/27/2017  22:36:33 DHCP Client: [ATM3]Send Request, Request IP=10.164.55.189
01/27/2017  22:25:11 **UDP Loop** 51.15.40.24, 47038->> 80.60.2x.xx, 19 (from PPPoE1 Inbound)
01/27/2017  21:56:49 **TCP-SYN with data** 192.168.2.205, 53951->> 17.252.43.246, 443 (from LAN Inbound)
01/27/2017  21:36:24 sending ACK to 192.168.2.205
01/27/2017  19:00:00 sending ACK to 192.168.2.211
01/27/2017  18:54:21 AC:5F:3E:10:31:5B released
01/27/2017  16:44:35 sending ACK to 192.168.2.211
01/27/2017  16:44:33 sending ACK to 192.168.2.211
01/27/2017  16:10:17 **TCP-SYN with data** 192.168.2.205, 53062->> 17.252.43.246, 443 (from LAN Inbound)
01/27/2017  10:36:33 DHCP Client: [ATM3]Receive Ack from 10.164.32.1,Lease time=86400
01/27/2017  10:36:33 DHCP Client: [ATM3]Send Request, Request IP=10.164.55.189
01/27/2017  09:46:52 **UDP Loop** 185.94.111.1, 35000->> 80.60.2x.xx, 19 (from PPPoE1 Inbound)
01/27/2017  07:46:04 **UDP Loop** 184.105.139.81, 42399->> 80.60.2x.xx, 19 (from PPPoE1 Inbound)
01/27/2017  04:31:54 192.168.2.200 Admin logout

Beste antwoord (via Requa op 29-01-2017 13:21)

zondag 29 januari 2017 11:36

  • Thralas
  • Registratie: December 2002
  • Laatst online: 01:05

Thralas

Wim-Bart schreef op zondag 29 januari 2017 @ 04:43:
Zie alleen maar een vpn tunneltje PPPoE1 wat wat issues heeft. Verder niks bijzonders.
Dat is z'n WAN uplink richting KPN...

Het feit dat het allemaal vanaf Hivelocity komt, naar dezelfde destination port gaat en het meest opvallend vanaf verschillende IPs uit dezelfde reeks komt maakt het nogal opmerkelijk.

Maar ik denk dat ik hem heb.

code:
1
2
3
4
5
6

autharea=104.156.63.0/24
xautharea=104.156.63.0/24
network:Class-Name:network
network:Auth-Area:104.156.63.0/24
network:ID:NET-83700.104.156.63.21
network:Network-Name:Primary Assignment - IRP Probes - 104.156.63.16/28
1. What is Noction IRP?

Noction Intelligent Routing Platform (IRP) is a product developed by Noction to help businesses optimize their multi-homed network infrastructure. The platform operates at the network edge and receives a copy of the traffic from edge routers, passively analyzes it for specific TCP anomalies, and actively probes remote destination networks for metrics like latency, packet loss, throughput, historical reliability, etc… It computes a performance or a cost-improvement network traffic engineering policy and applies the new improved route by announcing it to the network’s edge routers via a traditional BGP session.
Fish schreef op zondag 29 januari 2017 @ 11:20:
internet ruis, geen aandacht geven
En verder dit. Plus dat huis-tuin-en-keukenrouters nogal snel moord & brand schreeuwen. Als je geen raar verkeer wilt dan moet je 'm niet aan het internet hangen.

Alle reacties

zondag 29 januari 2017 04:06

Acties:
  • 0 Henk 'm!
  • Brahiewahiewa
  • Registratie: Oktober 2001
  • Laatst online: 30-09-2022

Brahiewahiewa

boelkloedig

Waarom wil je d'r vanaf?

QnJhaGlld2FoaWV3YQ==

zondag 29 januari 2017 04:43

Acties:
  • 0 Henk 'm!
  • Wim-Bart
  • Registratie: Mei 2004
  • Laatst online: 10-01-2021

Wim-Bart

Zie signature voor een baan.

Zie alleen maar een vpn tunneltje PPPoE1 wat wat issues heeft. Verder niks bijzonders.

Beheerders, Consultants, Servicedesk medewerkers. We zoeken het allemaal. Stuur mij een PM voor meer info of kijk hier De mooiste ICT'er van Nederland.

zondag 29 januari 2017 09:51

Acties:
  • 0 Henk 'm!
  • Dysmael
  • Registratie: Januari 2002
  • Laatst online: 01-08-2019

Dysmael

Verkeer vanaf Hivelocity, die leveren VPS-diensten.
Als jou dat niets zegt dan lijkt het inderdaad op portscans. Je kan wat abuse-meldingen richting Hivelocity sturen.

zondag 29 januari 2017 11:16

Acties:
  • 0 Henk 'm!
  • donny007
  • Registratie: Januari 2009
  • Laatst online: 24-08 17:07

donny007

Try the Nether!

Poort 33434 wordt gebruikt door traceroute (in UDP modus).

Om daar TCP (SYN) verkeer naartoe te zien gaan is wel opmerkelijk,.

[ Voor 38% gewijzigd door donny007 op 29-01-2017 11:18 ]

/dev/null

zondag 29 januari 2017 11:20

Acties:
  • 0 Henk 'm!
  • Fish
  • Registratie: Juli 2002
  • Niet online

Fish

How much is the fish

internet ruis, geen aandacht geven

Iperf

zondag 29 januari 2017 11:33

Acties:
  • 0 Henk 'm!
  • Requa
  • Registratie: Augustus 2014
  • Niet online

Requa

Topicstarter
Wim-Bart schreef op zondag 29 januari 2017 @ 04:43:
Zie alleen maar een vpn tunneltje PPPoE1 wat wat issues heeft. Verder niks bijzonders.
Opmerkelijk, heb namelijk geen VPN-draaien 8)7
Brahiewahiewa schreef op zondag 29 januari 2017 @ 04:06:
Waarom wil je d'r vanaf?
Omdat het me niet siert, het modem loopt vol en crasht door de vele meldingen.. :?
RolfLobker schreef op zondag 29 januari 2017 @ 09:51:
Verkeer vanaf Hivelocity, die leveren VPS-diensten.
Als jou dat niets zegt dan lijkt het inderdaad op portscans. Je kan wat abuse-meldingen richting Hivelocity sturen.
Zegt mij inderdaad niets, gebruik ook geen VPN. Zal even een abuse melding versturen.. :+
donny007 schreef op zondag 29 januari 2017 @ 11:16:
Poort 33434 wordt gebruikt door traceroute (in UDP modus).

Om daar TCP (SYN) verkeer naartoe te zien gaan is wel opmerkelijk,.
Dat vind ik dus ook..
Fish schreef op zondag 29 januari 2017 @ 11:20:
internet ruis, geen aandacht geven
Kan je dit onderbouwen? :D

zondag 29 januari 2017 11:34

Acties:
  • +1 Henk 'm!
  • donny007
  • Registratie: Januari 2009
  • Laatst online: 24-08 17:07

donny007

Try the Nether!

Reverse DNS van die IP-addressen:

performance-check-via-Seabone.HARMLESS-NOCTION-IRP-PROBING.hivelocity.net
performance-check-via-Cogent3.HARMLESS-NOCTION-IRP-PROBING.hivelocity.net
performance-check-via-NTT-LAX.HARMLESS-NOCTION-IRP-PROBING.hivelocity.net

De tool die ze gebruiken (Noction) is bedoeld om de performance van een netwerk te monitoren:
Noction Intelligent Routing Platform (IRP) is a product developed by Noction to help businesses optimize their multi-homed network infrastructure. The platform operates at the network edge and receives a copy of the traffic from edge routers, passively analyzes it for specific TCP anomalies, and actively probes remote destination networks for metrics like latency, packet loss, throughput, historical reliability, etc… It computes a performance or a cost-improvement network traffic engineering policy and applies the new improved route by announcing it to the network’s edge routers via a traditional BGP session.
Mijn theorie: zodra je een website bezoekt die is gehost op het platform van Hivelocity (of op een andere wijze verkeer uitwisselt) worden er meteen een aantal performance checks uitgevoerd richting jouw IP (vanuit verschillende locaties/servers). Niets om je zorgen over te maken.

/dev/null

zondag 29 januari 2017 11:36

Acties:
  • Beste antwoord
  • +2 Henk 'm!
  • Thralas
  • Registratie: December 2002
  • Laatst online: 01:05

Thralas

Wim-Bart schreef op zondag 29 januari 2017 @ 04:43:
Zie alleen maar een vpn tunneltje PPPoE1 wat wat issues heeft. Verder niks bijzonders.
Dat is z'n WAN uplink richting KPN...

Het feit dat het allemaal vanaf Hivelocity komt, naar dezelfde destination port gaat en het meest opvallend vanaf verschillende IPs uit dezelfde reeks komt maakt het nogal opmerkelijk.

Maar ik denk dat ik hem heb.

code:
1
2
3
4
5
6

autharea=104.156.63.0/24
xautharea=104.156.63.0/24
network:Class-Name:network
network:Auth-Area:104.156.63.0/24
network:ID:NET-83700.104.156.63.21
network:Network-Name:Primary Assignment - IRP Probes - 104.156.63.16/28
1. What is Noction IRP?

Noction Intelligent Routing Platform (IRP) is a product developed by Noction to help businesses optimize their multi-homed network infrastructure. The platform operates at the network edge and receives a copy of the traffic from edge routers, passively analyzes it for specific TCP anomalies, and actively probes remote destination networks for metrics like latency, packet loss, throughput, historical reliability, etc… It computes a performance or a cost-improvement network traffic engineering policy and applies the new improved route by announcing it to the network’s edge routers via a traditional BGP session.
Fish schreef op zondag 29 januari 2017 @ 11:20:
internet ruis, geen aandacht geven
En verder dit. Plus dat huis-tuin-en-keukenrouters nogal snel moord & brand schreeuwen. Als je geen raar verkeer wilt dan moet je 'm niet aan het internet hangen.

zondag 29 januari 2017 11:44

Acties:
  • 0 Henk 'm!
  • Brahiewahiewa
  • Registratie: Oktober 2001
  • Laatst online: 30-09-2022

Brahiewahiewa

boelkloedig

Overigens is het bovenste adres toch wel de give-away:
C:\Users\Brahiewahiewa>nslookup 17.252.43.246
Server:  t110.brahiewahiewa.dyndns.org
Address:  172.16.172.110

Name:    api-ams.smoot.apple.com
Address:  17.252.43.246

Dus als je d'r vanaf wilt zet je gewoon je iPhone uit

QnJhaGlld2FoaWV3YQ==

Pagina: 1
Reageer

Apple iPhone 17 LG OLED evo G5 Google Pixel 10 Samsung Galaxy S25 Star Wars: Outlaws Nintendo Switch 2 Apple AirPods Pro (2e generatie) Sony PlayStation 5 Pro

Tweakers is onderdeel van DPG Media B.V.
Alle rechten voorbehouden - Auteursrecht © 1998 - 2025 Hosting door TrueFullstaq