Attacco flood completo ACK di sistema che rallenta Internet

1

Negli ultimi giorni, sto notando che il registro del mio router wireless mostra un attacco di inondazione ACK da vari indirizzi IP. Io uso un D-Link DIR-600L. Ho cercato su Internet, anche attraverso questa domanda. Ma non posso venire a nessuna soluzione. Il mio ISP mi ha consigliato di cambiare gli indirizzi IP DNS e inserirli manualmente. Fare così ancora non ha migliorato i risultati. In effetti, ora alcuni siti web non si aprono e sto ottenendo HTTP Error 404 quando accedo a Facebook da Chrome, non altri browser. Completata anche la cronologia, nulla è cambiato. MalwareBytes Anti Malware ha dimostrato che il mio sistema è chiaro. Reimpostare il router alle impostazioni di fabbrica risolve solo il problema per un certo periodo di tempo. Io uso una connessione PPPoE, dove un filo dell'ISP entra nel router, e da lì un filo Ethernet entra nel mio computer.

Questa è una parte del file di registro che ho recentemente memorizzato sul computer:

Mar 03 22:50:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 22:50:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:49:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 22:49:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:48:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 22:48:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:47:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 22:47:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:46:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 22:46:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 22:46:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:45:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 22:45:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 22:45:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:42:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:41:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:41:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:40:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:40:12 DHCP lease IP 192.168.0.101 to Ayush-PC 90-94-e4-81-d5-69<br>
Mar 03 22:36:40  Per-source UDP Flood Attack Detect Packet Dropped<br>
Mar 03 22:36:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:35:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 22:35:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:13:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:12:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:08:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:00:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 22:00:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:59:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:58:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:51:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:50:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:50:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:49:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:49:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:48:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:48:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:47:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 21:47:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:47:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:46:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:46:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:45:40  Per-source UDP Flood Attack Detect Packet Dropped<br>
Mar 03 21:45:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:45:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:44:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:43:40  Per-source UDP Flood Attack Detect Packet Dropped<br>
Mar 03 21:43:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:41:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 21:41:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:41:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:41:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:40:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:38:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:37:18 DHCP lease IP 192.168.0.101 to Ayush-PC 90-94-e4-81-d5-69<br>
Mar 03 21:30:24 DHCP lease IP 192.168.0.103 to android-8b858b6c6689a266 94-01-c2-23-e9-e1<br>
Mar 03 21:30:24 Authentication Success 94-01-c2-23-e9-e1<br>
Mar 03 21:30:24 Authenticating...... 94-01-c2-23-e9-e1<br>
Mar 03 21:28:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:27:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:26:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:26:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:25:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:24:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:23:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:19:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:18:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:18:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:15:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:15:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:11:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:08:40 Whole System UDP Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:06:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:06:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:04:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 21:04:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:04:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:03:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:01:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:01:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 21:00:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 21:00:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 21:00:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 20:59:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 20:59:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 20:56:40 Whole System SYN Flood Attack from WAN Rule:Default deny<br>
Mar 03 20:32:19 DHCP lease IP 192.168.0.103 to android-8b858b6c6689a266 94-01-c2-23-e9-e1<br>
Mar 03 20:32:18 Authentication Success 94-01-c2-23-e9-e1<br>
Mar 03 20:32:18 Authenticating...... 94-01-c2-23-e9-e1<br>
Mar 03 20:30:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 20:29:06 DHCP lease IP 192.168.0.103 to android-8b858b6c6689a266 94-01-c2-23-e9-e1<br>
Mar 03 20:29:05 Authentication Success 94-01-c2-23-e9-e1<br>
Mar 03 20:29:05 Authenticating...... 94-01-c2-23-e9-e1<br>
Mar 03 20:26:16 DHCP lease IP 192.168.0.103 to android-8b858b6c6689a266 94-01-c2-23-e9-e1<br>
Mar 03 20:26:15 Authentication Success 94-01-c2-23-e9-e1<br>
Mar 03 20:26:15 Authenticating...... 94-01-c2-23-e9-e1<br>
Mar 03 20:03:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 20:03:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 20:02:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 20:02:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 20:01:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 20:01:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 20:00:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 20:00:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:59:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:59:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:55:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:42:53 DHCP lease IP 192.168.0.103 to android-8b858b6c6689a266 94-01-c2-23-e9-e1<br>
Mar 03 19:42:49 Authentication Success 94-01-c2-23-e9-e1<br>
Mar 03 19:42:49 Authenticating...... 94-01-c2-23-e9-e1<br>
Mar 03 19:35:38 Remote management is disabled. <br>
Mar 03 19:35:38 Anti-spoofing enabled. <br>
Mar 03 19:35:38 Block WAN PING enabled. <br>
Mar 03 19:35:37 URL Blocking disabled. <br>
Mar 03 19:35:37 RTSP ALG enabled. <br>
Mar 03 19:35:37 VPN (IPsec) Pass-Through enabled. <br>
Mar 03 19:35:37 VPN (PPTP) Pass-Through enabled. <br>
Mar 03 19:35:37 VPN (L2TP) Pass-Through enabled. <br>
Mar 03 14:05:35 PPPoE line connected <br>
Mar 03 19:35:33 CHAP authentication succeeded <br>
Mar 03 19:35:30 PPPoE: Receive PADS <br>
Mar 03 19:35:30 PPPoE: Sending PADR <br>
Mar 03 19:35:30 WAN Dialup Try to establish PPPoE line<br>
Mar 03 19:35:30 PPPoE: Sending PADI <br>
Mar 03 19:34:31 Manual Hangup Disconnect PPPoE line<br>
Mar 03 19:34:30 CHAP authentication failed <br>
Mar 03 19:34:25 PPPoE: Receive PADS <br>
Mar 03 19:34:25 PPPoE: Sending PADR <br>
Mar 03 19:34:25 WAN Dialup Try to establish PPPoE line<br>
Mar 03 19:34:25 PPPoE: Sending PADI <br>
Mar 03 19:32:57 Manual Hangup Disconnect PPPoE line<br>
Mar 03 19:30:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 19:30:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:30:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:29:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:29:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:28:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:28:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:27:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:27:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:26:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:26:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:25:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:25:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:24:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:24:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:23:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:23:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:22:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 19:22:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:22:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:21:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 19:21:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:21:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:20:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:20:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:19:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:19:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:19:40 Whole System ICMP Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:18:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:18:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:17:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:17:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:16:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:16:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:15:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:15:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:14:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:14:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:13:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 19:13:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:13:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:12:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:12:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 13:41:20 Remote management is disabled. <br>
Mar 03 13:41:20 Anti-spoofing enabled. <br>
Mar 03 13:41:20 Block WAN PING enabled. <br>
Mar 03 13:41:20 URL Blocking disabled. <br>
Mar 03 13:41:20 RTSP ALG enabled. <br>
Mar 03 13:41:20 VPN (IPsec) Pass-Through enabled. <br>
Mar 03 13:41:20 VPN (PPTP) Pass-Through enabled. <br>
Mar 03 13:41:20 VPN (L2TP) Pass-Through enabled. <br>
Mar 03 13:41:18 PPPoE line connected <br>
Mar 03 19:11:16 CHAP authentication succeeded <br>
Mar 03 19:11:13 PPPoE: Receive PADS <br>
Mar 03 19:11:13 PPPoE: Sending PADR <br>
Mar 03 19:11:08 PPPoE: Sending PADR <br>
Mar 03 19:11:08 WAN Dialup Try to establish PPPoE line<br>
Mar 03 19:11:08 PPPoE: Sending PADI <br>
Mar 03 19:10:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:10:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:10:11 Manual Hangup Disconnect PPPoE line<br>
Mar 03 19:09:40  Port Scan Attack Detect Packet Dropped<br>
Mar 03 19:09:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:09:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:08:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:08:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:07:40  Per-source ACK Flood Attack Detect Packet Dropped<br>
Mar 03 19:07:40 Whole System ACK Flood Attack from WAN Rule:Default deny<br>
Mar 03 19:06:40  Per-source ACK Flood Attack Detect Packet Dropped<br>

È interessante notare che quasi tutti gli attacchi si verificano a intervalli di 1 minuto

sta rallentando il mio internet. come lo prevengo?

Modifica : ho le seguenti impostazioni sul mio router

  1. Controllo anti-spoof: ON
  2. Firewall: OFF
  3. DMZ: OFF
  4. WPS: OFF
  5. Wireless avanzato: OFF
  6. Preambolo: Breve
  7. Selezione canale: Auto
  8. Modalità: 802.11 misto (n / g / b)
  9. Larghezza di banda: Auto
  10. 20 / 40Mhz coesistono: OFF
  11. Protezione breve: ON
  12. UPnP: ON
  13. Stream multicast: ON
  14. DNS Relay: ON
posta Ayush Khemka 04.03.2014 - 17:04
fonte

0 risposte

Leggi altre domande sui tag