DOS attacked big time FYI

Malware detection, cleaning and prevention
Post Reply
Posts: 18
Joined: Tue Apr 21, 2009 8:58 pm
Location: QLD

DOS attacked big time FYI

Post by Gob » Mon Jul 26, 2010 9:24 pm

I just had 2 really bad conversations with the tech support crew any way they were of no help what so ever and the last guy kept telling me one of my ADSL services was not connected.

Anyway my problem started around 6.00pm tonight.
The modem kept rebooting itself after connecting for about 15-30 seconds. After much testing it was only after it authenticated and was actually online.
(It seems apparently, that the modem was going into an overload)

The long and short of it is that I just happened to notice in the modem error log before it rebooted, and this line was repeated every few seconds.
Jan 03 10:01:07 johns.gateway:firewall:info: 97.742 Blocked Prot=17, > -Disallowed Destination IP

A DOS attack.

I changed my IP from the members area and all is fixed (via a wireless connection). At least for the moment.

I looked up the IP details and this is what I got:
IP Location: South Africa South Africa Johannesburg The Ip Block Has Been Assigned To Vodacom Bussiness For Isp Bussiness
Resolve Host:
IP Address: [Whois] [Reverse-Ip] [Ping] [DNS Lookup] [Traceroute]
inetnum: -
netname: ORG-VA67-AFRINIC
descr: The IP Block has been assigned to Vodacom Bussiness for ISP
country: ZA
admin-c: JH2-AFRINIC
tech-c: JH2-AFRINIC
remarks: Vodacom Bussiness (ASN 36994)
source: AFRINIC # Filtered
parent: -

person: Jacques Hendricks
address: Vodacom PTY (Ltd)
phone: +27 21 9409498
nic-hdl: JH2-AFRINIC
source: AFRINIC # Filtered
Maybe someone at exetel could look into this and block this range of IP's or something.


Volunteer Site Admin
Posts: 6007
Joined: Mon Nov 13, 2006 1:16 pm
Location: Sydney

Re: DOS attacked big time FYI

Post by Dazzled » Mon Jul 26, 2010 10:32 pm

My gateway logs all this rubbish, and I seem to be probed every 15 minutes or so. My "favourite" is a clown from Georgia who appears to be sooling nmap onto me, judging by the traffic. I've been tempted at times to return the favour. I don't have any idea why he comes back from time to time. I've not had a South African - I'll swap you two from the old USSR and two from China for him. Be thankful the router firewall is doing its job.

Post Reply