125cc Sportsbikes Forum: What the hell is all this - 125cc Sportsbikes Forum

Jump to content



Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

What the hell is all this router related

#1 User is offline   badassmofcker 

  • 125cc Sportsbikes Rider
  • PipPip
  • Group: Members
  • Posts: 127
  • Joined: 18-December 06
  • Location:goole east yorkshire

Posted 31 July 2010 - 03:48 PM

Am gunna change my router tomorrow as i have got a new one... I was looking through the settings to see if i could find my username and password to save ringing pipex..... I looked on the firewall security log and saw the following stuff............... I download torrentz and the port i have set up is on the log 57535...... ?????? Is the firewall just logging torrentz as a threat or is it a real threat ??????? thanks guys






The router keeps a log of all activity within the router such as computers logging in and out and any attempts from the Internet to access the router. The log is viewable below.


Log File
System log:
Jul 31 10:20:51 pppd[562]: Clear IP addresses. Connection DOWN.
Jul 31 10:20:52 pppd[562]: Clear IP addresses. PPP connection DOWN.
Jul 31 10:21:03 pppd[562]: PPP LCP UP.
Jul 31 10:21:03 pppd[562]: Received valid IP address from server. Connection UP.
Jul 31 10:30:03 pppd[562]: Clear IP addresses. Connection DOWN.
Jul 31 10:30:04 pppd[562]: Clear IP addresses. PPP connection DOWN.
Jul 31 10:30:08 pppd[562]: PPP: Try to connect to PPP server ...
Jul 31 10:30:10 pppd[562]: PPP LCP UP.
Jul 31 10:30:10 pppd[562]: Received valid IP address from server. Connection UP.
Jul 31 10:39:40 pppd[562]: Clear IP addresses. Connection DOWN.
Jul 31 10:39:42 pppd[562]: Clear IP addresses. PPP connection DOWN.
Jul 31 10:39:47 pppd[562]: PPP LCP UP.
Jul 31 10:39:48 pppd[562]: Received valid IP address from server. Connection UP.
Jul 31 10:55:47 pppd[562]: Clear IP addresses. Connection DOWN.
Jul 31 10:55:48 pppd[562]: Clear IP addresses. PPP connection DOWN.
Jul 31 10:55:58 pppd[562]: PPP LCP UP.
Jul 31 10:55:59 pppd[562]: Received valid IP address from server. Connection UP.
Jul 31 11:26:59 pppd[562]: Clear IP addresses. Connection DOWN.
Jul 31 11:26:59 pppd[562]: Clear IP addresses. PPP connection DOWN.
Jul 31 11:27:05 pppd[562]: PPP LCP UP.
Jul 31 11:27:05 pppd[562]: Received valid IP address from server. Connection UP.
Jul 31 16:33:51 syslog: User from 192.168.2.3 login success !

Firewall log:
Jul 31 10:10:35 kernel: PORT SCANNER ATTACK detected from 204.213.227.226. Source port is 64974, and destination port is 57535 which use the TCP protocol.

Jul 31 10:11:02 kernel: Intrusion detected from 119.160.178.206. Source port is 3240, and destination port is 23 which use the TCP protocol.

Jul 31 10:12:18 kernel: Intrusion detected from 190.40.60.87. Source port is 2531, and destination port is 23 which use the TCP protocol.

Jul 31 10:14:10 kernel: Intrusion detected from 24.20.218.187. Source port is 38108, and destination port is 61249 which use the TCP protocol.

Jul 31 10:17:09 kernel: PORT SCANNER ATTACK detected from 58.218.204.110. Source port is 12200, and destination port is 9415 which use the TCP protocol.

Jul 31 10:17:09 kernel: PORT SCANNER ATTACK detected from 58.218.204.110. Source port is 12200, and destination port is 8080 which use the TCP protocol.

Jul 31 10:17:09 kernel: PORT SCANNER ATTACK detected from 58.218.204.110. Source port is 12200, and destination port is 80 which use the TCP protocol.

Jul 31 10:20:01 kernel: Intrusion detected from 83.37.170.0. Source port is 64362, and destination port is 61544 which use the TCP protocol.

Jul 31 10:21:12 kernel: Intrusion detected from 77.39.3.106. Source port is 4301, and destination port is 23 which use the TCP protocol.

Jul 31 10:21:48 kernel: Intrusion detected from 89.147.75.2. Source port is 4583, and destination port is 445 which use the TCP protocol.

Jul 31 10:21:51 kernel: Intrusion detected from 89.147.75.2. Source port is 4583, and destination port is 445 which use the TCP protocol.

Jul 31 10:22:18 kernel: Intrusion detected from 88.187.30.123. Source port is 2538, and destination port is 135 which use the TCP protocol.

Jul 31 10:22:21 kernel: Intrusion detected from 88.187.30.123. Source port is 2538, and destination port is 135 which use the TCP protocol.

Jul 31 10:26:34 kernel: PORT SCANNER ATTACK detected from 99.234.117.218. Source port is 57474, and destination port is 57535 which use the TCP protocol.

Jul 31 10:26:35 kernel: PORT SCANNER ATTACK detected from 99.234.117.218. Source port is 57474, and destination port is 57535 which use the TCP protocol.

Jul 31 10:26:36 kernel: PORT SCANNER ATTACK detected from 92.29.188.249. Source port is 61744, and destination port is 57535 which use the TCP protocol.

Jul 31 10:26:53 kernel: PORT SCANNER ATTACK detected from 97.115.196.34. Source port is 63069, and destination port is 57535 which use the TCP protocol.

Jul 31 10:26:55 kernel: PORT SCANNER ATTACK detected from 204.213.227.226. Source port is 13699, and destination port is 57535 which use the TCP protocol.

Jul 31 10:34:05 kernel: PORT SCANNER ATTACK detected from 24.183.58.27. Source port is 4603, and destination port is 57535 which use the TCP protocol.

Jul 31 10:34:05 kernel: PORT SCANNER ATTACK detected from 88.207.12.65. Source port is 57545, and destination port is 57535 which use the TCP protocol.

Jul 31 10:34:05 kernel: PORT SCANNER ATTACK detected from 188.51.45.95. Source port is 52285, and destination port is 57535 which use the TCP protocol.

Jul 31 10:34:05 kernel: PORT SCANNER ATTACK detected from 84.202.219.20. Source port is 51404, and destination port is 57535 which use the TCP protocol.

Jul 31 10:34:06 kernel: PORT SCANNER ATTACK detected from 90.214.71.140. Source port is 63876, and destination port is 57535 which use the TCP protocol.

Jul 31 10:35:17 kernel: Intrusion detected from 67.204.251.13. Source port is 63314, and destination port is 62484 which use the TCP protocol.

Jul 31 10:35:18 kernel: Intrusion detected from 92.244.3.170. Source port is 58318, and destination port is 62484 which use the TCP protocol.

Jul 31 10:35:20 kernel: Intrusion detected from 67.204.251.13. Source port is 63314, and destination port is 62484 which use the TCP protocol.

Jul 31 10:35:21 kernel: Intrusion detected from 92.244.3.170. Source port is 58318, and destination port is 62484 which use the TCP protocol.

Jul 31 10:35:26 kernel: Intrusion detected from 67.204.251.13. Source port is 63314, and destination port is 62484 which use the TCP protocol.

Jul 31 10:42:23 kernel: PORT SCANNER ATTACK detected from 72.83.161.102. Source port is 60632, and destination port is 57535 which use the TCP protocol.

Jul 31 10:42:24 kernel: PORT SCANNER ATTACK detected from 76.226.26.22. Source port is 50998, and destination port is 57535 which use the TCP protocol.

Jul 31 10:42:24 kernel: PORT SCANNER ATTACK detected from 76.91.220.181. Source port is 62356, and destination port is 57535 which use the TCP protocol.

Jul 31 10:42:24 kernel: PORT SCANNER ATTACK detected from 87.227.6.36. Source port is 65050, and destination port is 57535 which use the TCP protocol.

Jul 31 10:42:24 kernel: PORT SCANNER ATTACK detected from 24.142.50.90. Source port is 61546, and destination port is 57535 which use the TCP protocol.

Jul 31 10:44:00 kernel: Intrusion detected from 74.190.93.145. Source port is 63971, and destination port is 63057 which use the TCP protocol.

Jul 31 10:44:03 kernel: Intrusion detected from 74.190.93.145. Source port is 63971, and destination port is 63057 which use the TCP protocol.

Jul 31 10:44:09 kernel: Intrusion detected from 74.190.93.145. Source port is 63971, and destination port is 63057 which use the TCP protocol.

Jul 31 10:45:29 kernel: Intrusion detected from 72.83.161.102. Source port is 60678, and destination port is 63057 which use the TCP protocol.

Jul 31 10:45:31 kernel: Intrusion detected from 72.83.161.102. Source port is 60678, and destination port is 63057 which use the TCP protocol.

Jul 31 10:54:05 kernel: Intrusion detected from 75.4.137.160. Source port is 56444, and destination port is 63057 which use the TCP protocol.

Jul 31 11:02:32 kernel: PORT SCANNER ATTACK detected from 94.15.9.114. Source port is 63721, and destination port is 57535 which use the TCP protocol.

Jul 31 11:02:32 kernel: PORT SCANNER ATTACK detected from 98.184.73.143. Source port is 2081, and destination port is 57535 which use the TCP protocol.

Jul 31 11:02:34 kernel: PORT SCANNER ATTACK detected from 94.171.24.74. Source port is 58678, and destination port is 57535 which use the TCP protocol.

Jul 31 11:02:35 kernel: PORT SCANNER ATTACK detected from 98.184.73.143. Source port is 2081, and destination port is 57535 which use the TCP protocol.

Jul 31 11:02:37 kernel: PORT SCANNER ATTACK detected from 67.204.6.43. Source port is 61434, and destination port is 57535 which use the TCP protocol.

Jul 31 11:02:42 kernel: Intrusion detected from 109.76.154.121. Source port is 61582, and destination port is 64253 which use the TCP protocol.

Jul 31 11:02:43 kernel: Intrusion detected from 109.76.154.121. Source port is 61582, and destination port is 64253 which use the TCP protocol.

Jul 31 11:02:44 kernel: Intrusion detected from 109.76.154.121. Source port is 61582, and destination port is 64253 which use the TCP protocol.

Jul 31 11:02:47 kernel: Intrusion detected from 109.76.154.121. Source port is 61582, and destination port is 64253 which use the TCP protocol.

Jul 31 11:02:51 kernel: Intrusion detected from 109.76.154.121. Source port is 61582, and destination port is 64253 which use the TCP protocol.

Jul 31 11:13:02 kernel: Intrusion detected from 24.142.50.90. Source port is 64149, and destination port is 64550 which use the TCP protocol.

Jul 31 11:22:45 kernel: Intrusion detected from 68.148.153.46. Source port is 54259, and destination port is 64921 which use the TCP protocol.

Jul 31 11:34:03 kernel: PORT SCANNER ATTACK detected from 24.142.50.90. Source port is 49351, and destination port is 57535 which use the TCP protocol.

Jul 31 11:34:03 kernel: PORT SCANNER ATTACK detected from 188.221.222.106. Source port is 60263, and destination port is 57535 which use the TCP protocol.

Jul 31 11:34:03 kernel: PORT SCANNER ATTACK detected from 92.244.3.170. Source port is 62472, and destination port is 57535 which use the TCP protocol.

Jul 31 11:34:03 kernel: PORT SCANNER ATTACK detected from 68.148.153.46. Source port is 54508, and destination port is 57535 which use the TCP protocol.

Jul 31 11:34:03 kernel: PORT SCANNER ATTACK detected from 82.143.132.148. Source port is 52576, and destination port is 57535 which use the TCP protocol.

Jul 31 11:34:47 kernel: Intrusion detected from 24.2.2.11. Source port is 2243, and destination port is 49287 which use the TCP protocol.

Jul 31 11:34:50 kernel: Intrusion detected from 24.2.2.11. Source port is 2243, and destination port is 49287 which use the TCP protocol.

Jul 31 11:34:56 kernel: Intrusion detected from 24.2.2.11. Source port is 2243, and destination port is 49287 which use the TCP protocol.

Jul 31 11:34:57 kernel: Intrusion detected from 207.161.240.223. Source port is 50421, and destination port is 49287 which use the TCP protocol.

Jul 31 11:35:00 kernel: Intrusion detected from 207.161.240.223. Source port is 50421, and destination port is 49287 which use the TCP protocol.

Jul 31 11:42:24 kernel: PORT SCANNER ATTACK detected from 124.150.55.125. Source port is 1226, and destination port is 49276 which use the TCP protocol.

Jul 31 11:42:27 kernel: PORT SCANNER ATTACK detected from 173.51.43.161. Source port is 1024, and destination port is 49276 which use the TCP protocol.

Jul 31 11:42:27 kernel: PORT SCANNER ATTACK detected from 76.127.81.186. Source port is 58716, and destination port is 57535 which use the TCP protocol.

Jul 31 11:42:30 kernel: PORT SCANNER ATTACK detected from 173.51.43.161. Source port is 1024, and destination port is 49276 which use the TCP protocol.

Jul 31 11:42:30 kernel: PORT SCANNER ATTACK detected from 173.188.44.165. Source port is 63096, and destination port is 57535 which use the TCP protocol.

Jul 31 11:45:07 kernel: Intrusion detected from 92.244.3.170. Source port is 63265, and destination port is 49287 which use the TCP protocol.

Jul 31 11:59:33 kernel: Intrusion detected from 77.112.128.52. Source port is 2654, and destination port is 445 which use the TCP protocol.

Jul 31 12:06:07 kernel: Intrusion detected from 110.175.173.74. Source port is 1253, and destination port is 49276 which use the TCP protocol.

Jul 31 12:15:20 kernel: Intrusion detected from 67.42.42.10. Source port is 3814, and destination port is 49276 which use the TCP protocol.

Jul 31 12:25:55 kernel: Intrusion detected from 88.112.1.115. Source port is 54741, and destination port is 49276 which use the TCP protocol.

Jul 31 12:35:11 kernel: Intrusion detected from 221.195.73.68. Source port is 12200, and destination port is 9090 which use the TCP protocol.

Jul 31 12:46:08 kernel: Intrusion detected from 88.201.181.123. Source port is 2786, and destination port is 135 which use the TCP protocol.

Jul 31 13:04:48 kernel: Intrusion detected from 83.36.174.67. Source port is 4954, and destination port is 23 which use the TCP protocol.

Jul 31 13:07:32 kernel: Intrusion detected from 93.186.118.142. Source port is 4312, and destination port is 1433 which use the TCP protocol.

Jul 31 13:35:25 kernel: Intrusion detected from 122.227.195.154. Source port is 27992, and destination port is 4899 which use the TCP protocol.

Jul 31 13:47:04 kernel: Intrusion detected from 58.218.204.110. Source port is 12200, and destination port is 8080 which use the TCP protocol.

Jul 31 13:47:04 kernel: Intrusion detected from 58.218.204.110. Source port is 12200, and destination port is 8118 which use the TCP protocol.

Jul 31 13:47:04 kernel: Intrusion detected from 58.218.204.110. Source port is 12200, and destination port is 2301 which use the TCP protocol.

Jul 31 13:47:04 kernel: PORT SCANNER ATTACK detected from 58.218.204.110. Source port is 12200, and destination port is 8008 which use the TCP protocol.

Jul 31 13:47:05 kernel: PORT SCANNER ATTACK detected from 58.218.204.110. Source port is 12200, and destination port is 8129 which use the TCP protocol.

Jul 31 13:47:05 kernel: PORT SCANNER ATTACK detected from 58.218.204.110. Source port is 12200, and destination port is 6588 which use the TCP protocol.

Jul 31 13:55:26 kernel: Intrusion detected from 221.195.73.68. Source port is 12200, and destination port is 9415 which use the TCP protocol.

Jul 31 14:06:25 kernel: Intrusion detected from 116.52.229.198. Source port is 47431, and destination port is 23 which use the TCP protocol.

Jul 31 14:24:07 kernel: Intrusion detected from 93.127.3.215. Source port is 4061, and destination port is 23 which use the TCP protocol.

Jul 31 14:34:30 kernel: Intrusion detected from 109.165.78.237. Source port is 2251, and destination port is 23 which use the TCP protocol.

Jul 31 14:34:51 kernel: Intrusion detected from 94.51.68.206. Source port is 2839, and destination port is 22 which use the TCP protocol.

Jul 31 15:00:28 kernel: Intrusion detected from 88.173.192.161. Source port is 3428, and destination port is 135 which use the TCP protocol.

Jul 31 15:00:31 kernel: Intrusion detected from 88.173.192.161. Source port is 3428, and destination port is 135 which use the TCP protocol.

Jul 31 15:05:01 kernel: Intrusion detected from 190.12.111.161. Source port is 6418, and destination port is 22 which use the TCP protocol.

Jul 31 15:17:53 kernel: Intrusion detected from 88.222.194.109. Source port is 4419, and destination port is 135 which use the TCP protocol.

Jul 31 15:28:08 kernel: Intrusion detected from 88.184.142.198. Source port is 1467, and destination port is 445 which use the TCP protocol.

Jul 31 15:53:52 kernel: Intrusion detected from 172.181.128.200. Source port is 4944, and destination port is 445 which use the TCP protocol.

Jul 31 15:53:55 kernel: Intrusion detected from 172.181.128.200. Source port is 4944, and destination port is 445 which use the TCP protocol.

Jul 31 15:56:19 kernel: Intrusion detected from 88.185.68.75. Source port is 2903, and destination port is 135 which use the TCP protocol.

Jul 31 16:12:02 kernel: Intrusion detected from 222.45.226.66. Source port is 6000, and destination port is 135 which use the TCP protocol.

Jul 31 16:14:49 kernel: Intrusion detected from 112.197.72.26. Source port is 1259, and destination port is 445 which use the TCP protocol.

Jul 31 16:27:24 kernel: Intrusion detected from 125.25.250.185. Source port is 4094, and destination port is 23 which use the TCP protocol.

Jul 31 16:41:09 kernel: Intrusion detected from 95.68.157.127. Source port is 3539, and destination port is 23 which use the TCP protocol.

#2 User is online   rickyduck 

  • 125cc Sportsbikes Racer
  • Group: Supporters
  • Posts: 451
  • Joined: 06-July 09

Posted 31 July 2010 - 05:31 PM

delete your computer, QUICK!

#3 User is offline   CBRStanley 

  • 125cc Sportsbikes Rider
  • PipPip
  • Group: Members
  • Posts: 146
  • Joined: 01-June 09
  • Location:Stanley, Durham

Posted 31 July 2010 - 06:18 PM

wouldnt worry about it, looks like normal peer to peer connections

#4 User is offline   Carlos_CBR! 

  • 125cc Sportsbikes Supporter
  • Group: Supporters
  • Posts: 3,632
  • Joined: 31-January 06
  • Location:Littleport (Cambs)

Posted 31 July 2010 - 07:51 PM

You have a hacker! Format it NOW!

#5 User is offline   Tariq 

  • 125cc Sportsbikes Rider
  • PipPip
  • Group: Members
  • Posts: 204
  • Joined: 06-July 10

Posted 31 July 2010 - 08:00 PM

A friend had a hacker through the router. He managed to access his pc while he was using it, open notepad, type "you see this folder???", and then delete the folder. He quickly fixed it. Cant remember how tho :D

This post has been edited by Tariq: 31 July 2010 - 08:00 PM

#6 User is offline   9mito2 

  • 125cc Sportsbikes Mechanic
  • Group: Supporters
  • Posts: 678
  • Joined: 09-September 08
  • Location:cirencester

Posted 31 July 2010 - 08:04 PM

1st i sline dropping then loging in again
2nd is standard firewall alert logs

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic



1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users