[Dshield] ICMP/UDP smackdown

IT Department - CI Holding Group, Inc. it at ciholding.com
Fri Mar 22 17:14:48 GMT 2002


DDoS attempts?  Some of the IP's are from DoubleClick, some from Speedera, 
as well as others...

We usually get these off and on throughout the day, but today has been the 
worst...

Anyone else seeing these?

03/22/02 09:00 :  deny in eth0 84 icmp 20 47 62.4.74.66 x.y.z.2 8 0 (Ping)
03/22/02 09:00 :  deny in eth0 84 icmp 20 52 204.176.177.155 x.y.z.2 8 0 (Ping)
03/22/02 09:00 :  deny in eth0 84 icmp 20 49 205.138.3.200 x.y.z.2 8 0 (Ping)
03/22/02 09:00 :  deny in eth0 84 icmp 20 51 65.119.213.34 x.y.z.2 8 0 (Ping)
03/22/02 09:00 :  deny in eth0 84 icmp 20 47 62.4.74.66 x.y.z.2 8 0 (Ping)
03/22/02 09:00 :  deny in eth0 84 icmp 20 52 204.176.177.155 x.y.z.2 8 0 (Ping)
03/22/02 09:00 :  deny in eth0 84 icmp 20 49 205.138.3.200 x.y.z.2 8 0 (Ping)
03/22/02 09:00 :  deny in eth0 84 icmp 20 51 65.119.213.34 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 47 62.4.74.66 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 52 204.176.177.155 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 49 205.138.3.200 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 51 65.119.213.34 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 70 udp 20 47 62.4.74.66 x.y.z.2 53692 53 
(DNS-Proxy)
03/22/02 09:01 :  deny in eth0 70 udp 20 52 204.176.177.155 x.y.z.2 32160 
53 (DNS-Proxy)
03/22/02 09:01 :  deny in eth0 70 udp 20 49 205.138.3.200 x.y.z.2 46519 53 
(DNS-Proxy)
03/22/02 09:01 :  deny in eth0 70 udp 20 51 65.119.213.34 x.y.z.2 58520 53 
(DNS-Proxy)
03/22/02 09:01 :  deny in eth0 70 udp 20 47 62.4.74.66 x.y.z.2 53692 53 
(DNS-Proxy)
03/22/02 09:01 :  deny in eth0 70 udp 20 52 204.176.177.155 x.y.z.2 32160 
53 (DNS-Proxy)
03/22/02 09:01 :  deny in eth0 70 udp 20 49 205.138.3.200 x.y.z.2 46519 53 
(DNS-Proxy)
03/22/02 09:01 :  deny in eth0 70 udp 20 51 65.119.213.34 x.y.z.2 58520 53 
(DNS-Proxy)
03/22/02 09:01 :  deny in eth0 84 icmp 20 50 64.37.246.2 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 53 209.68.217.194 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 51 209.10.207.194 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 51 64.41.192.103 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 49 216.25.225.148 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 47 64.28.86.226 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 50 64.37.246.2 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 53 209.68.217.194 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 51 209.10.207.194 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 51 64.41.192.103 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 49 216.25.225.148 x.y.z.2 8 0 (Ping)
03/22/02 09:01 :  deny in eth0 84 icmp 20 47 64.28.86.226 x.y.z.2 8 0 (Ping)
03/22/02 09:02 :  deny in eth0 84 icmp 20 50 64.37.246.2 x.y.z.2 8 0 (Ping)
03/22/02 09:02 :  deny in eth0 84 icmp 20 53 209.68.217.194 x.y.z.2 8 0 (Ping)
03/22/02 09:02 :  deny in eth0 84 icmp 20 51 64.41.192.103 x.y.z.2 8 0 (Ping)
03/22/02 09:02 :  deny in eth0 84 icmp 20 49 216.25.225.148 x.y.z.2 8 0 (Ping)
03/22/02 09:02 :  deny in eth0 84 icmp 20 47 64.28.86.226 x.y.z.2 8 0 (Ping)
03/22/02 09:02 :  deny in eth0 84 icmp 20 51 209.10.207.194 x.y.z.2 8 0 (Ping)
03/22/02 09:02 :  deny in eth0 70 udp 20 50 64.37.246.2 x.y.z.2 64071 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 53 209.68.217.194 x.y.z.2 31759 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 51 64.41.192.103 x.y.z.2 50316 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 47 64.28.86.226 x.y.z.2 11667 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 49 216.25.225.148 x.y.z.2 1930 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 51 209.10.207.194 x.y.z.2 1272 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 50 64.37.246.2 x.y.z.2 64071 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 53 209.68.217.194 x.y.z.2 31759 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 51 64.41.192.103 x.y.z.2 50316 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 47 64.28.86.226 x.y.z.2 11667 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 49 216.25.225.148 x.y.z.2 1930 53 
(DNS-Proxy)
03/22/02 09:02 :  deny in eth0 70 udp 20 51 209.10.207.194 x.y.z.2 1272 53 
(DNS-Proxy)




More information about the list mailing list