[Dshield] This has to be some sort of record

David Hart DavidHart at TQMcube.com
Mon Oct 6 22:09:48 GMT 2003


I just hit 15,000 dropped connects in one hour on a single IP. It's all
UDP noise from my B net on VOL. I now have a 12mb log file. I'll turn
off the UDP logging tomorrow morning. Someone at VOL asked me for a
small sample. I sent him ONE minute worth. I think he got the point.

Seriously, I HAVE to assume that this much junk is affecting my
connectivity. Is there something in Windows that is doing this by
default or are these bad neighbors simply clueless?

These are a few typical lines. The source is in my B net and the
destination may or may not be but it's rarely me. I can't figure out how
we ended up in the middle of this mess. I'm assuming that this is
ATYPICAL, right?:

2003-10-06 16:16:02 -04:00      12345678        1       151.202.17.122 
137     227.211.252.97  137     UDP     
2003-10-06 16:16:03 -04:00      12345678        1       151.202.17.122 
137     227.211.252.97  137     UDP     
2003-10-06 16:16:05 -04:00      12345678        1       151.202.17.122 
137     227.211.252.97  137     UDP     
2003-10-06 16:16:05 -04:00      12345678        1       151.202.17.14  
1038    239.255.255.250 1900    UDP     
2003-10-06 16:16:05 -04:00      12345678        2       151.202.17.14  
1038    239.255.255.250 1900    UDP
2003-10-06 16:16:07 -04:00      12345678        1       151.202.34.50  
137     151.202.255.255 137     UDP     
2003-10-06 16:16:07 -04:00      12345678        2       151.202.34.50  
137     151.202.255.255 137     UDP
2003-10-06 16:16:10 -04:00      12345678        1       151.202.34.38  
137     151.202.34.255  137     UDP     
2003-10-06 16:16:11 -04:00      12345678        1       151.202.17.122 
137     225.163.11.115  137     UDP     
2003-10-06 16:16:11 -04:00      12345678        1       151.202.34.38  
137     151.202.34.255  137     UDP     
2003-10-06 16:16:12 -04:00      12345678        1       151.202.17.122 
137     225.163.11.115  137     UDP     
2003-10-06 16:16:13 -04:00      12345678        1       151.202.34.119 
520     224.0.0.9       520     UDP     
2003-10-06 16:16:14 -04:00      12345678        1       151.202.17.122 
137     225.163.11.115  137     UDP     
2003-10-06 16:16:15 -04:00      12345678        1       151.202.21.170 
137     151.202.21.255  137     UDP     
2003-10-06 16:16:15 -04:00      12345678        1       151.202.34.38  
138     151.202.34.255  138     UDP     
2003-10-06 16:16:16 -04:00      12345678        1       151.202.21.170 
137     151.202.21.255  137     UDP  
-- 
          ----------------------------------------------------
      Hart's PGP Key: 0x7BFF655E - http://TQMcube.com/hart_pgp.txt
          ----------------------------------------------------
         Total Quality Management - A Commitment to Excellence
   Email acceptance policy: http://www.TQMcube.com/email_policy.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20031006/31b3365d/attachment.bin


More information about the list mailing list