Forum |  HardWare.fr | News | Articles | PC | S'identifier | S'inscrire | Shop Recherche
3712 connectés 

  FORUM HardWare.fr
  Windows & Software

  analyse de log de routeur

 
 


 Mot :   Pseudo :  
 
Bas de page
Auteur Sujet :

analyse de log de routeur

n°1957124
mobilete
vot chto ya lublu
Posté le 11-03-2005 à 16:19:03  profilanswer
 

Bonjour,
 
 
j'aurais voulu savoir si si le log suivant vous paraissais suspect
 
 
en effet on retrouve assez souvent certaines IP en provenance de wanadoo
 
ca pourrais etre tout simplement un vers mais je ne sais
 
 
es ce anormal ?
 

Citation :

Thur, 03/10/2005 12:52:26 - TCP connection dropped - Source:82.237.20.97, 1701, WAN - Destination:*MON IP*, 6101, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 12:53:02 - TCP connection dropped - Source:82.253.151.141, 4731, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 12:54:38 - TCP connection dropped - Source:82.149.191.165, 4389, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 12:56:48 - TCP connection dropped - Source:141.213.11.238, 3629, WAN - Destination:*MON IP*, 3410, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 13:08:04 - TCP connection dropped - Source:82.224.108.12, 4340, WAN - Destination:*MON IP*, 17771, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 13:11:08 - TCP connection dropped - Source:82.43.164.105, 1935, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 13:17:16 - TCP connection dropped - Source:82.127.19.188, 2755, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 13:21:42 - TCP connection dropped - Source:82.127.19.188, 4193, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 13:31:52 - TCP connection dropped - Source:218.62.8.70, 3701, WAN - Destination:*MON IP*, 22, LAN - 'SSH'
Thur, 03/10/2005 13:59:58 - TCP connection dropped - Source:80.189.231.116, 3972, WAN - Destination:*MON IP*, 17300, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 14:09:26 - TCP connection dropped - Source:82.228.144.70, 2060, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:11:44 - TCP connection dropped - Source:82.127.141.33, 1887, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 14:11:44 - TCP connection dropped - Source:82.127.141.33, 1890, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:11:46 - TCP connection dropped - Source:82.127.141.33, 1890, WAN - Destination:*MON IP*, 139, LAN - 'Possible Port Scan'
Thur, 03/10/2005 14:11:54 - TCP connection dropped - Source:82.53.144.161, 3278, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:15:26 - UDP packet dropped - Source:83.192.56.89, 3008, WAN - Destination:*MON IP*, 135, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 14:23:44 - UDP packet dropped - Source:218.200.176.30, 1124, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 14:23:44 - TCP connection dropped - Source:82.52.61.118, 3925, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:27:14 - TCP connection dropped - Source:82.232.84.131, 4234, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:36:42 - TCP connection dropped - Source:217.219.145.9, 3228, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl'
Thur, 03/10/2005 14:52:16 - TCP connection dropped - Source:82.127.139.63, 4083, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:52:58 - TCP connection dropped - Source:82.157.86.159, 1676, WAN - Destination:*MON IP*, 2745, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 15:03:34 - UDP packet dropped - Source:195.89.58.57, 27327, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:03:36 - UDP packet dropped - Source:195.67.4.11, 16804, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:03:58 - UDP packet dropped - Source:165.146.6.246, 4412, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:11:20 - TCP connection dropped - Source:82.236.189.60, 1690, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 15:21:12 - UDP packet dropped - Source:218.83.153.58, 60048, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:24:44 - TCP connection dropped - Source:60.34.186.120, 1057, WAN - Destination:*MON IP*, 5554, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 15:34:18 - UDP packet dropped - Source67.126.194.45, 2893, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 21:03:28 - UDP packet dropped - Source:196.33.25.190, 29756, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 21:03:30 - UDP packet dropped - Source:195.28.16.108, 13759, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 21:14:00 - TCP connection dropped - Source:211.193.128.140, 2322, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 21:22:16 - TCP connection dropped - Source:218.147.68.125, 4009, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 22:05:00 - TCP connection dropped - Source:80.132.181.254, 1727, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 22:47:56 - TCP connection dropped - Source:61.231.58.201, 3891, WAN - Destination:*MON IP*, 1080, LAN - 'socks proxy'
Thur, 03/10/2005 23:04:46 - TCP connection dropped - Source:218.59.36.38, 4530, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl'
Thur, 03/10/2005 23:26:38 - UDP packet dropped - Source:218.83.153.58, 38671, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 23:44:42 - TCP connection dropped - Source:221.141.160.206, 3692, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 00:02:22 - UDP packet dropped - Source:82.127.182.15, 1025, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 00:03:26 - UDP packet dropped - Source:195.185.56.245, 22449, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 00:03:26 - UDP packet dropped - Source:195.24.233.157, 16439, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 00:03:30 - Successful administrator login - Source:192.168.1.10, 2749, LAN - Destination:192.168.1.123, 80, LAN
Fri, 03/11/2005 09:05:58 - TCP connection dropped - Source:211.200.247.81, 1210, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:06:28 - TCP connection dropped - Source:202.103.213.38, 7000, WAN - Destination:*MON IP*, 13351, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:11:00 - The Login expires after 192.168.1.10 idles for 5 minutes.
Fri, 03/11/2005 09:16:04 - TCP connection dropped - Source:64.173.8.106, 18366, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:25:34 - TCP connection dropped - Source:61.254.233.71, 4398, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:35:04 - TCP connection dropped - Source:218.19.155.151, 61999, WAN - Destination:*MON IP*, 8080, LAN - 'WEB proxy'
Fri, 03/11/2005 09:35:04 - TCP connection dropped - Source:218.19.155.151, 64535, WAN - Destination:*MON IP*, 80, LAN - 'WEB'
Fri, 03/11/2005 10:04:02 - UDP packet dropped - Source:202.99.170.59, 1219, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 10:06:16 - TCP connection dropped - Source:193.55.120.160, 1689, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl'
Fri, 03/11/2005 10:17:40 - TCP connection dropped - Source:82.127.19.188, 3027, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 10:27:06 - UDP packet dropped - Source:211.126.156.135, 3283, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 10:35:56 - TCP connection dropped - Source:82.127.19.188, 4376, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 10:50:20 - TCP connection dropped - Source:82.127.19.188, 1614, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:02:48 - TCP connection dropped - Source:82.127.19.188, 2110, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:07:23 - TCP connection dropped - Source:82.127.19.188, 4278, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:15:37 - UDP packet dropped - Source:202.9.178.33, 1139, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 11:25:35 - UDP packet dropped - Source:82.127.163.18, 1034, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 11:36:27 - UDP packet dropped - Source:82.127.163.18, 1033, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 11:44:39 - TCP connection dropped - Source:82.127.19.188, 1178, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:47:11 - TCP connection dropped - Source:211.238.89.217, 2545, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:01:33 - UDP packet dropped - Source:82.54.155.182, 3060, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:02:19 - TCP connection dropped - Source:82.127.19.188, 1323, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:03:27 - UDP packet dropped - Source:195.123.108.168, 11323, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:03:27 - UDP packet dropped - Source:195.230.230.20, 21247, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:04:59 - TCP connection dropped - Source:82.127.163.101, 4923, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:09:37 - UDP packet dropped - Source:219.149.41.131, 2306, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:09:59 - TCP connection dropped - Source:82.127.19.188, 1485, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:12:53 - UDP packet dropped - Source:82.54.155.182, 3057, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:25:17 - TCP connection dropped - Source:211.49.230.112, 3510, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:34:25 - TCP connection dropped - Source:82.127.19.188, 2378, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:35:53 - TCP connection dropped - Source:24.31.173.85, 2373, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:44:23 - TCP connection dropped - Source:82.127.248.35, 1420, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:47:25 - TCP connection dropped - Source:82.127.19.188, 3217, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:51:47 - UDP packet dropped - Source:216.26.148.5, 15448, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:52:39 - TCP connection dropped - Source:82.127.150.144, 2856, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:53:27 - TCP connection dropped - Source:82.127.19.188, 2091, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:08:21 - TCP connection dropped - Source:82.127.150.144, 3320, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:14:51 - TCP connection dropped - Source:82.127.19.188, 1551, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:21:23 - TCP connection dropped - Source:82.127.19.188, 2241, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:28:01 - TCP connection dropped - Source:82.172.30.156, 4177, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:31:21 - UDP packet dropped - Source:210.254.80.80, 1450, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 13:38:55 - TCP connection dropped - Source:82.127.19.188, 2524, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:39:29 - TCP connection dropped - Source:82.127.210.65, 3045, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:45:51 - TCP connection dropped - Source:82.127.19.188, 1113, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:49:35 - TCP connection dropped - Source:222.117.17.117, 3203, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 13:50:35 - TCP connection dropped - Source:82.127.196.59, 2150, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:52:29 - TCP connection dropped - Source:82.127.19.188, 4690, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:57:05 - TCP connection dropped - Source:82.127.19.188, 3156, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:00:57 - TCP connection dropped - Source:211.22.89.250, 4801, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 14:02:43 - TCP connection dropped - Source:82.127.19.188, 2539, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:09:55 - TCP connection dropped - Source:82.127.19.188, 2770, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:22:47 - TCP connection dropped - Source:218.246.95.127, 2415, WAN - Destination:*MON IP*, 8080, LAN - 'WEB proxy'
Fri, 03/11/2005 14:34:17 - UDP packet dropped - Source:82.123.67.226, 3283, WAN - Destination:*MON IP*, 3283, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 14:48:25 - TCP connection dropped - Source:82.127.19.188, 1870, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:54:53 - TCP connection dropped - Source:82.127.19.188, 3900, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:57:17 - TCP connection dropped - Source:82.252.245.120, 3539, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:03:21 - UDP packet dropped - Source:195.175.122.71, 22852, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 15:03:23 - UDP packet dropped - Source:195.21.193.234, 6445, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 15:21:07 - TCP connection dropped - Source:82.127.19.188, 3852, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:27:35 - TCP connection dropped - Source:82.127.19.188, 2318, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:30:11 - UDP packet dropped - Source:202.99.177.56, 1038, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 15:33:07 - TCP connection dropped - Source:82.127.19.188, 4857, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:37:47 - TCP connection dropped - Source:82.127.19.188, 3779, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:38:15 - TCP connection dropped - Source:82.237.191.147, 2808, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:40:11 - TCP connection dropped - Source:82.51.186.222, 4241, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:52:07 - TCP connection dropped - Source:217.107.19.63, 2336, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 15:59:15 - TCP connection dropped - Source:82.127.19.188, 3842, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 16:03:25 - Successful administrator login - Source:192.168.1.10, 3506, LAN - Destination:192.168.1.123, 80, LAN
Fri, 03/11/2005 16:07:27 - TCP connection dropped - Source:82.127.19.188, 1150, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 16:08:05 - UDP packet dropped - Source:61.159.62.142, 1083, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 16:09:15 - The Login expires after 192.168.1.10 idles for 5 minutes.
Fri, 03/11/2005 16:14:21 - Successful administrator login - Source:192.168.1.107, 3791, LAN - Destination:192.168.1.123, 80, LAN
 
End of Log ----------

mood
Publicité
Posté le 11-03-2005 à 16:19:03  profilanswer
 

n°1957404
azubal
Posté le 11-03-2005 à 20:32:39  profilanswer
 

ton routeur le bloque ?
bon bah alors :D pourquoi tu veux te prendre la tete a savoir d'ou ca viens :)
ca peut etre n'importe quoi.


Message édité par azubal le 11-03-2005 à 20:33:52
n°1957414
mobilete
vot chto ya lublu
Posté le 11-03-2005 à 20:42:07  profilanswer
 

ok
 
merci


Aller à :
Ajouter une réponse
  FORUM HardWare.fr
  Windows & Software

  analyse de log de routeur

 

Sujets relatifs
Partage connexion freebox : obligé d'activer fction routeur ?Souci avec routeur 7004VBR avec freebox
Question sur modem routeur Dlink G604tserveur web derrière un routeur
routeur barricade + switchport map c'est quoi ? et pour configurer msn avec mon routeur ?
Creer Serveur FTP Perso derrière routeur Linksys BEFDSR41W Impossibleest ce que j'ai besoin d'un routeur ????
Problème envoie de messages avec routeur linksysConnexion auto routeur linux
Plus de sujets relatifs à : analyse de log de routeur

Forum MesDiscussions.Net, Version 2010.2
(c) 2000-2011 Doctissimo
Page générée en 0.043 secondes

Copyright © 1997-2025 Groupe LDLC (Signaler un contenu illicite / Données personnelles)