Friday, 05 December 2008

Internet Cafe (Warnet) Router Log

router# tail -f /var/log/messages
Dec 8 11:38:03 router portsentry[351]: attackalert: Host 88.80.7.82 has been blocked via dropped route using command: "route add -net 88.80.7.82 -netmask 255.255.255.255 127.0.0.1 -blackhole"
Dec 8 11:38:03 router portsentry[351]: attackalert: Connect from host: a7-82-n37.cust.prq.se/88.80.7.82 to TCP port: 1080
Dec 8 11:38:03 router portsentry[351]: attackalert: Host: 88.80.7.82 is already blocked. Ignoring
Dec 8 12:40:44 router portsentry[351]: attackalert: Connect from host: 118-161-232-154.dynamic.hinet.net/118.161.232.154 to TCP port: 1080
Dec 8 12:40:44 router portsentry[351]: attackalert: Host 118.161.232.154 has been blocked via wrappers with string: "ALL: 118.161.232.154"
Dec 8 12:40:44 router portsentry[351]: attackalert: Host 118.161.232.154 has been blocked via dropped route using command: "route add -net 118.161.232.154 -netmask 255.255.255.255 127.0.0.1 -blackhole"
Dec 8 16:02:28 router portsentry[351]: attackalert: Connect from host: 118-168-133-175.dynamic.hinet.net/118.168.133.175 to TCP port: 1080
Dec 8 16:02:28 router portsentry[351]: attackalert: Host 118.168.133.175 has been blocked via wrappers with string: "ALL: 118.168.133.175"
Dec 8 16:02:28 router portsentry[351]: attackalert: Host 118.168.133.175 has been blocked via dropped route using command: "route add -net 118.168.133.175 -netmask 255.255.255.255 127.0.0.1 -blackhole"
Dec 8 16:21:15 router su: areksitiung to root on /dev/ttyp0

1199885445 - 01/09/2008 13:30:45 Host: S01060050da2a6b75.vc.shawcable.net/24.84.123.4 Port: 1080 TCP Blocked
1199886651 - 01/09/2008 13:50:51 Host: proxyscan.quakenet.org/195.1.77.77 Port: 1080 TCP Blocked
1199890501 - 01/09/2008 14:55:01 Host: swiftco.irc.proxy.monitor.dal.net/208.99.203.190 Port: 1080 TCP Blocked
1199894629 - 01/09/2008 16:03:49 Host: before.you.send.an.abuse.email.about.being.portscanned.visit.http.security.gamesurge.net/64.71.165.195 Port: 1080 TCP Blocked
1199955938 - 01/10/2008 09:05:38 Host: 125-224-230-90.dynamic.hinet.net/125.224.230.90 Port: 1080 TCP Blocked
1199959935 - 01/10/2008 10:12:15 Host: irc.dal.net/194.68.45.50 Port: 1080 TCP Blocked
1199960174 - 01/10/2008 10:16:14 Host: hotspeed.sg.as.dal.net/202.91.34.9 Port: 1080 TCP Blocked
1199960258 - 01/10/2008 10:17:38 Host: swiftco.irc.proxy.monitor.dal.net/208.99.203.190 Port: 1080 TCP Blocked
1199972605 - 01/10/2008 13:43:25 Host: S010600c04fc5f05d.vc.shawcable.net/24.82.194.45 Port: 1080 TCP Blocked
1199975268 - 01/10/2008 14:27:48 Host: punch.va.us.dal.net/149.9.1.16 Port: 1080 TCP Blocked
1199978499 - 01/10/2008 15:21:39 Host: irc.he.net/207.45.69.69 Port: 1080 TCP Blocked
1199988759 - 01/10/2008 18:12:39 Host: bob.esthost.eu/195.5.116.234 Port: 1080 TCP Blocked
1199989145 - 01/10/2008 18:19:05 Host: bin.esthost.eu/195.5.116.238 Port: 1080 TCP Blocked
1200001219 - 01/10/2008 21:40:19 Host: 194.14.236.50/194.14.236.50 Port: 1080 TCP Blocked
1200004588 - 01/10/2008 22:36:28 Host: 122-118-99-188.dynamic.hinet.net/122.118.99.188 Port: 1080 TCP Blocked
1200044291 - 01/11/2008 09:38:11 Host: bob.esthost.eu/195.5.116.234 Port: 1080 TCP Blocked
1200053068 - 01/11/2008 12:04:28 Host: bin.esthost.eu/195.5.116.238 Port: 1080 TCP Blocked
1200056291 - 01/11/2008 12:58:11 Host: bob.esthost.eu/195.5.116.234 Port: 1080 TCP Blocked
1200057479 - 01/11/2008 13:17:59 Host: irc.dal.net/194.68.45.50 Port: 1080 TCP Blocked
1200057716 - 01/11/2008 13:21:56 Host: swiftco.irc.proxy.monitor.dal.net/208.99.203.190 Port: 1080 TCP Blocked
1200058138 - 01/11/2008 13:28:58 Host: bin.esthost.eu/195.5.116.238 Port: 1080 TCP Blocked
1200059030 - 01/11/2008 13:43:50 Host: S0106005018500d4f.vc.shawcable.net/24.83.99.86 Port: 1080 TCP Blocked
1200130688 - 01/12/2008 09:38:08 Host: bob.esthost.eu/195.5.116.234 Port: 1080 TCP Blocked
1200136858 - 01/12/2008 11:20:58 Host: irc.dal.net/194.68.45.50 Port: 1080 TCP Blocked
1200137773 - 01/12/2008 11:36:13 Host: swiftco.irc.proxy.monitor.dal.net/208.99.203.190 Port: 1080 TCP Blocked
1200139470 - 01/12/2008 12:04:30 Host: bin.esthost.eu/195.5.116.238 Port: 1080 TCP Blocked
1200145400 - 01/12/2008 13:43:20 Host: S010600c04fc5f05d.vc.shawcable.net/24.82.194.45 Port: 1080 TCP Blocked
1200145973 - 01/12/2008 13:52:53 Host: 122-124-133-212.dynamic.hinet.net/122.124.133.212 Port: 1080 TCP Blocked
1200150139 - 01/12/2008 15:02:19 Host: 194.14.236.50/194.14.236.50 Port: 1080 TCP Blocked
1200151565 - 01/12/2008 15:26:05 Host: 172.17.68.86/172.17.68.86 Port: 1080 TCP Blocked
1200151843 - 01/12/2008 15:30:43 Host: before.you.send.an.abuse.email.about.being.portscanned.visit.http.security.gamesurge.net/64.71.165.195 Port: 1080 TCP Blocked
1200156194 - 01/12/2008 16:43:14 Host: punch.va.us.dal.net/149.9.1.16 Port: 1080 TCP Blocked
1200162235 - 01/12/2008 18:23:55 Host: 222.124.190.85/222.124.190.85 Port: 12345 TCP Blocked
1200167399 - 01/12/2008 19:49:59 Host: hotspeed.sg.as.dal.net/202.91.34.9 Port: 1080 TCP Blocked
1200184124 - 01/13/2008 00:28:44 Host: 122-124-130-135.dynamic.hinet.net/122.124.130.135 Port: 1080 TCP Blocked
1200190147 - 01/13/2008 02:09:07 Host: 170.subnet125-162-123.speedy.telkom.net.id/125.162.123.170 Port: 143 TCP Blocked
1200208681 - 01/13/2008 07:18:01 Host: S0106005018500d4f.vc.shawcable.net/24.83.99.86 Port: 1080 TCP Blocked
1200217071 - 01/13/2008 09:37:51 Host: bob.esthost.eu/195.5.116.234 Port: 1080 TCP Blocked
1200219179 - 01/13/2008 10:12:59 Host: irc.dal.net/194.68.45.50 Port: 1080 TCP Blocked
1200225854 - 01/13/2008 12:04:14 Host: bin.esthost.eu/195.5.116.238 Port: 1080 TCP Blocked
1200227658 - 01/13/2008 12:34:18 Host: hotspeed.sg.as.dal.net/202.91.34.9 Port: 1080 TCP Blocked
1200685884 - 01/18/2008 19:51:24 Host: punch.va.us.dal.net/149.9.1.16 Port: 1080 TCP Blocked
1200695120 - 01/18/2008 22:25:20 Host: 85.136.80.10.dyn.user.ono.com/85.136.80.10 Port: 34555 UDP Blocked
1200695120 - 01/18/2008 22:25:20 Host: 85.136.80.10.dyn.user.ono.com/85.136.80.10 Port: 34555 UDP Blocked
1200695121 - 01/18/2008 22:25:21 Host: 85.136.80.10.dyn.user.ono.com/85.136.80.10 Port: 34555 UDP Blocked
1200695122 - 01/18/2008 22:25:22 Host: 85.136.80.10.dyn.user.ono.com/85.136.80.10 Port: 34555 UDP Blocked
1200695126 - 01/18/2008 22:25:26 Host: 85.136.80.10.dyn.user.ono.com/85.136.80.10 Port: 34555 UDP Blocked
1200695140 - 01/18/2008 22:25:40 Host: 85.136.80.10.dyn.user.ono.com/85.136.80.10 Port: 34555 UDP Blocked

router# cat /etc/hosts.deny |more
