We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Intrusion attempts logged by my Sky router

Options
prowla
prowla Posts: 13,986 Forumite
Part of the Furniture 10,000 Posts Name Dropper
in Techie Stuff
I took a look at my Sky router's logs and there are a lot of apparent intrusion attempts.

They seem to be coming from a selection of IP addresses...

Jun 12 21:55:14 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=222.32.75.7 DST=90.222.187.209 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 12 22:29:03 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=222.242.129.214 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=44 ID=9496 DF PROTO=TCP SPT=42222 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 12 23:04:18 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.188.248.160 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=5593 DF PROTO=TCP SPT=20643 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 12 23:04:21 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.188.248.160 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=5675 DF PROTO=TCP SPT=20643 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 12 23:30:43 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=209.190.29.35 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=24178 DF PROTO=TCP SPT=36831 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 12 23:30:46 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=209.190.29.35 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=24179 DF PROTO=TCP SPT=36831 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 00:30:12 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=77.79.8.252 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=26957 DF PROTO=TCP SPT=45591 DPT=27977 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 01:43:55 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=116.224.131.158 DST=90.222.187.209 LEN=40 TOS=0x00 PREC=0x00 TTL=103 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 01:44:16 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=186.110.96.89 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=21332 DF PROTO=TCP SPT=56062 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 01:44:19 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=186.110.96.89 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=21708 DF PROTO=TCP SPT=56062 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 01:56:58 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=218.108.85.252 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=22275 DF PROTO=TCP SPT=38624 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 02:18:03 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=120.195.20.231 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=27596 PROTO=TCP SPT=27679 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 02:29:11 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=86.59.24.210 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=3662 DF PROTO=TCP SPT=58485 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 03:02:01 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.157.147.150 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=41812 PROTO=TCP SPT=29182 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 03:30:34 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=81.17.195.68 DST=90.222.187.209 LEN=44 TOS=0x00 PREC=0x00 TTL=43 ID=25636 PROTO=TCP SPT=36570 DPT=143 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 03:30:34 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=81.17.195.68 DST=90.222.187.209 LEN=44 TOS=0x00 PREC=0x00 TTL=29 ID=25965 PROTO=TCP SPT=36571 DPT=143 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 03:30:35 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=81.17.195.68 DST=90.222.187.209 LEN=44 TOS=0x00 PREC=0x00 TTL=30 ID=51548 PROTO=TCP SPT=36570 DPT=993 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 03:30:35 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=81.17.195.68 DST=90.222.187.209 LEN=44 TOS=0x00 PREC=0x00 TTL=31 ID=60043 PROTO=TCP SPT=36571 DPT=993 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 03:57:15 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=77.222.40.20 DST=90.222.187.209 LEN=44 TOS=0x00 PREC=0x00 TTL=51 ID=52627 DF PROTO=TCP SPT=43352 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 04:29:36 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=188.132.229.104 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=24275 PROTO=TCP SPT=62198 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 04:31:07 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=118.123.22.158 DST=90.222.187.209 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 05:15:17 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=122.226.44.157 DST=90.222.187.209 LEN=40 TOS=0x00 PREC=0x00 TTL=102 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 05:24:31 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=221.2.209.46 DST=90.222.187.209 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=90 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 06:22:17 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.137.149.2 DST=90.222.187.209 LEN=64 TOS=0x00 PREC=0x00 TTL=32 ID=37657 DF PROTO=TCP SPT=4938 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 06:22:20 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.137.149.2 DST=90.222.187.209 LEN=64 TOS=0x00 PREC=0x00 TTL=32 ID=38467 DF PROTO=TCP SPT=4938 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 06:29:04 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=180.67.207.78 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=9496 DF PROTO=TCP SPT=4935 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 07:21:39 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=101.255.44.45 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=62757 DF PROTO=TCP SPT=4244 DPT=4899 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 07:21:42 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=101.255.44.45 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=63666 DF PROTO=TCP SPT=4244 DPT=4899 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 07:21:48 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=101.255.44.45 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=65478 DF PROTO=TCP SPT=4244 DPT=4899 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 07:42:53 (none) user.crit kernel: eth1 Link UP 100 mbps full duplex
Jun 13 07:42:54 (none) user.crit kernel: eth1 Link DOWN.
Jun 13 07:42:57 (none) user.crit kernel: eth1 Link UP 100 mbps full duplex
Jun 13 07:53:42 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=180.141.156.253 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=14098 DF PROTO=TCP SPT=61283 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 07:53:45 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=180.141.156.253 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=45 ID=14920 DF PROTO=TCP SPT=61283 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 07:53:51 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=180.141.156.253 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=45 ID=16620 DF PROTO=TCP SPT=61283 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 07:54:38 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=222.186.15.24 DST=90.222.187.209 LEN=40 TOS=0x00 PREC=0x00 TTL=100 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 10:55:08 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=122.224.4.49 DST=90.222.187.209 LEN=40 TOS=0x00 PREC=0x00 TTL=101 ID=256 PROTO=TCP SPT=6000 DPT=4899 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 11:36:33 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.219.97.43 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=5337 DF PROTO=TCP SPT=45379 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:24:03 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=124.193.179.130 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=37 ID=51311 DF PROTO=TCP SPT=34719 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:28:52 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=31.41.65.253 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=24204 DF PROTO=TCP SPT=54962 DPT=443 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:28:52 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=108.210.96.150 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=8661 DF PROTO=TCP SPT=55923 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:28:55 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=108.210.96.150 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=9202 DF PROTO=TCP SPT=55923 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:28:55 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=31.41.65.253 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=24304 DF PROTO=TCP SPT=54962 DPT=443 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:29:01 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=108.210.96.150 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=10327 DF PROTO=TCP SPT=55923 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:40:48 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=85.214.75.80 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=32052 DF PROTO=TCP SPT=54155 DPT=21 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:49:20 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.188.251.98 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=17725 DF PROTO=TCP SPT=54266 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 12:59:12 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=98.185.63.61 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=44732 DF PROTO=TCP SPT=3058 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:23:34 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=86.171.44.137 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=22460 DF PROTO=TCP SPT=53912 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:23:34 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=178.127.14.43 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=42934 DF PROTO=TCP SPT=4487 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:23:37 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=86.171.44.137 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=22463 DF PROTO=TCP SPT=53912 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:23:37 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=178.127.14.43 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=42986 DF PROTO=TCP SPT=4487 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:23:43 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=86.171.44.137 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=22465 DF PROTO=TCP SPT=53912 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:41:05 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=110.138.49.84 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=10900 DF PROTO=TCP SPT=1472 DPT=4899 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:42:50 (none) user.crit kernel: eth1 Link DOWN.
Jun 13 13:42:52 (none) user.crit kernel: eth1 Link UP 100 mbps full duplex
Jun 13 13:46:29 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=61.147.70.67 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=39892 DF PROTO=TCP SPT=45798 DPT=8080 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 13:54:20 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=85.194.72.134 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=57613 PROTO=TCP SPT=55623 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 14:11:46 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=163.247.80.15 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=27472 DF PROTO=TCP SPT=63905 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 14:23:33 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=186.164.26.18 DST=90.222.187.209 LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=23942 DF PROTO=TCP SPT=50954 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 14:23:34 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=186.164.26.18 DST=90.222.187.209 LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=60885 DF PROTO=TCP SPT=50954 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 14:40:52 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=89.240.249.105 DST=90.222.187.209 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=4638 DF PROTO=TCP SPT=62827 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 14:47:28 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=188.51.78.57 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=26234 DF PROTO=TCP SPT=62734 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 15:02:17 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=213.27.139.190 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=57601 PROTO=TCP SPT=30812 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 15:10:42 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=190.106.30.149 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=29097 DF PROTO=TCP SPT=64211 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 15:14:45 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=95.153.178.192 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=1267 DF PROTO=TCP SPT=45669 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 15:23:14 (none) user.crit kernel: eth1 Link DOWN.
Jun 13 15:23:16 (none) user.crit kernel: eth1 Link UP 100 mbps full duplex
Jun 13 15:23:47 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=69.114.104.180 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=9985 DF PROTO=TCP SPT=58748 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 15:46:16 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=85.97.228.44 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=23145 DF PROTO=TCP SPT=57411 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 15:46:20 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=85.97.228.44 DST=90.222.187.209 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=23265 DF PROTO=TCP SPT=57411 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 15:54:37 (none) user.crit kernel: eth1 Link DOWN.
Jun 13 15:54:42 (none) user.crit kernel: eth1 Link UP 100 mbps full duplex
Jun 13 15:58:35 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=90.130.149.85 DST=90.222.187.209 LEN=64 TOS=0x00 PREC=0x00 TTL=36 ID=21404 DF PROTO=TCP SPT=10664 DPT=135 WINDOW=53760 RES=0x00 SYN URGP=0 MARK=0x8000000
Jun 13 16:09:09 (none) user.alert kernel: Intrusion -> IN=atm0 OUT= MAC=4c:17:eb:6e:af:2b:00:19:8f:50:96:48:08:00 SRC=155.52.208.80 DST=90.222.187.209 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=23216 DF PROTO=TCP SPT=11150 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000

Comments

  • phoneguy
    phoneguy Posts: 115 Forumite
    That's pretty tame TBH and it looks like iptables is doing the job it is meant to do. You'll never stop miscreants 'trying the door' so to speak.

    Mine runs wayyyy more than that - in the last 24 hours my router has logged over 25k attempts:
    less /var/log/firewall.log | wc -l
    25146
    As long as you're keeping them out, everything is hunky dory.
  • bristol_rob
    bristol_rob Posts: 205 Forumite
    how do you find that stuff out?
  • prowla
    prowla Posts: 13,986 Forumite
    Part of the Furniture 10,000 Posts Name Dropper
    bristol_rob wrote: »
    how do you find that stuff out?
    I login to the router (via a wired connection), which gives a web-based management GUI; one of the items there is to view the logs.
  • aerostar
    aerostar Posts: 1,738 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Combo Breaker
    If you look at the number next to DPT=

    Then look at this list

    http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers


    It will tell you what the port is usually for.
  • paddyrg
    paddyrg Posts: 13,543 Forumite
    Sadly the internet is a hostile place now - every router gets this stuff, and it is why MS give you a free firewall, on by default.
  • LincolnshireYokel
    LincolnshireYokel Posts: 764 Forumite
    I spent a few minutes looking some of those up, they are mainly Turkish or Latin American
    **** I hereby relieve MSE of all legal responsibility for my post and assume personal responsible for all posts. If any Parking Pirates have a problem with my post then contact me for my solicitors address.*****
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244K Work, Benefits & Business
  • 598.8K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.3K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture