oggi ho controllato il log del mio router di casa e ho trovato una serie di port scan da diversi IP:
[DoS attack: ACK Scan] from source: 90.1.69.89:1158 Monday, June 15,2015 11:12:14
[DoS attack: ACK Scan] from source: 54.172.3.106:57339 Monday, June 15,2015 11:08:43
[DoS attack: ACK Scan] from source: 93.49.225.168:50743 Monday, June 15,2015 11:07:39
[DoS attack: ACK Scan] from source: 54.172.3.106:57339 Monday, June 15,2015 11:03:42
[DoS attack: ACK Scan] from source: 2.39.195.228:42943 Monday, June 15,2015 11:03:21
[DoS attack: ACK Scan] from source: 93.149.65.227:13056 Monday, June 15,2015 11:02:13
[DoS attack: ACK Scan] from source: 78.200.20.149:62514 Monday, June 15,2015 11:01:32
[DoS attack: ACK Scan] from source: 89.89.139.26:4046 Monday, June 15,2015 11:00:20
[DoS attack: ACK Scan] from source: 78.200.20.149:56318 Monday, June 15,2015 10:58:54
[DoS attack: ACK Scan] from source: 90.14.239.165:50872 Monday, June 15,2015 10:58:32
[DoS attack: ACK Scan] from source: 109.20.160.134:1217 Monday, June 15,2015 10:57:12
[DoS attack: ACK Scan] from source: 90.12.246.15:60502 Monday, June 15,2015 10:56:50
[DoS attack: ACK Scan] from source: 90.14.239.165:50796 Monday, June 15,2015 10:56:09
[DoS attack: ACK Scan] from source: 90.12.246.15:60487 Monday, June 15,2015 10:55:49
[DoS attack: ACK Scan] from source: 109.20.160.134:4674 Monday, June 15,2015 10:51:40
[DoS attack: ACK Scan] from source: 92.136.219.78:63117 Monday, June 15,2015 10:51:18
[DoS attack: ACK Scan] from source: 92.136.219.78:63117 Monday, June 15,2015 10:50:57
[DoS attack: IP Spoofing Attack] from source: 192.168.0.10 Monday, June 15,2015 10:50:25
[DoS attack: ACK Scan] from source: 88.168.160.142:52687 Monday, June 15,2015 10:49:30
[DoS attack: ACK Scan] from source: 90.39.238.30:55837 Monday, June 15,2015 10:48:49
[DoS attack: ACK Scan] from source: 109.20.160.134:4429 Monday, June 15,2015 10:48:06
[DoS attack: ACK Scan] from source: 109.20.160.134:4429 Monday, June 15,2015 10:47:46
[DoS attack: ACK Scan] from source: 78.124.99.225:51579 Monday, June 15,2015 10:44:37
[DoS attack: ACK Scan] from source: 79.81.205.41:56038 Monday, June 15,2015 10:43:09
[DoS attack: ACK Scan] from source: 78.200.20.149:55225 Monday, June 15,2015 10:42:28
[DoS attack: ACK Scan] from source: 2.39.195.228:53617 Monday, June 15,2015 10:39:40
[DoS attack: ACK Scan] from source: 2.39.195.228:51786 Monday, June 15,2015 10:30:00
[DoS attack: ACK Scan] from source: 2.39.195.228:50828 Monday, June 15,2015 10:25:40
[DoS attack: RST Scan] from source: 188.121.36.239:80 Monday, June 15,2015 10:22:52
[DoS attack: ACK Scan] from source: 2.39.195.228:65427 Monday, June 15,2015 10:13:19
[DoS attack: ACK Scan] from source: 66.119.63.93:80 Monday, June 15,2015 10:09:33
[DoS attack: ACK Scan] from source: 93.149.19.108:62013 Monday, June 15,2015 10:09:12
[DoS attack: ACK Scan] from source: 93.149.19.108:62013 Monday, June 15,2015 10:08:29
[DoS attack: RST Scan] from source: 23.21.184.61:443 Monday, June 15,2015 10:07:27
[DoS attack: ACK Scan] from source: 90.31.134.6:64600 Monday, June 15,2015 10:04:58
[DoS attack: ACK Scan] from source: 88.122.210.119:54055 Monday, June 15,2015 10:03:35
[DoS attack: ACK Scan] from source: 88.185.97.103:61084 Monday, June 15,2015 10:03:14
[DoS attack: ACK Scan] from source: 84.96.88.112:52459 Monday, June 15,2015 10:02:14
[DoS attack: ACK Scan] from source: 88.185.97.103:59048 Monday, June 15,2015 10:00:52
[DoS attack: ACK Scan] from source: 151.41.37.24:11476 Monday, June 15,2015 10:00:29
[DoS attack: ACK Scan] from source: 82.246.74.78:61934 Monday, June 15,2015 09:58:04
[DoS attack: ACK Scan] from source: 90.62.167.232:56813 Monday, June 15,2015 09:57:44
[DoS attack: ACK Scan] from source: 88.162.97.37:64889 Monday, June 15,2015 09:57:22
[DoS attack: ACK Scan] from source: 82.246.74.78:61934 Monday, June 15,2015 09:56:40
[DoS attack: ACK Scan] from source: 192.167.208.145:63666 Monday, June 15,2015 09:52:49
[DoS attack: ACK Scan] from source: 93.45.165.134:59565 Monday, June 15,2015 09:50:24
[DoS attack: ACK Scan] from source: 151.52.221.83:58043 Monday, June 15,2015 09:49:20
[DoS attack: ACK Scan] from source: 93.45.165.134:59565 Monday, June 15,2015 09:47:12
[DoS attack: ACK Scan] from source: 95.235.15.194:56262 Monday, June 15,2015 09:45:15
[DoS attack: ACK Scan] from source: 87.4.103.222:62867 Monday, June 15,2015 09:44:24
[DoS attack: ACK Scan] from source: 151.52.221.83:58043 Monday, June 15,2015 09:38:37
[DoS attack: ACK Scan] from source: 23.37.43.27:80 Monday, June 15,2015 09:37:50
[DoS attack: RST Scan] from source: 108.160.172.236:443 Monday, June 15,2015 09:36:59
[DoS attack: ACK Scan] from source: 23.41.25.5:80 Monday, June 15,2015 09:36:58
[DoS attack: ACK Scan] from source: 80.180.193.193:49907 Monday, June 15,2015 09:32:54
[DoS attack: RST Scan] from source: 82.48.54.105:27778 Monday, June 15,2015 09:27:18
Non ho mai controllato il log del mio router ma questa frequenza di scansione sembra davvero fuori dall'ordinario. Ho anche provato a fare una scansione dal mio computer interno usando il mio indirizzo IP esterno:
nmap -sS external.ip.address
e tutte le porte sono risultate filtrate. Ora, è questa la normale velocità di scansione che un router domestico è soggetto? Altri post nel forum riguardavano un singolo ip che eseguiva la scansione delle porte, ma qui vengono ogni volta scansionati da una fonte diversa.