Post a reply

Xmas port scan attack

Post » Tue Dec 06, 2011 8:38 pm

So I've been having problems with staying connected to my internet connection, minecraft and xboxlive lately. So I went onto my router and checked the logs to see if I was being attacked. This is what the logs showed:

Xmas port scan attack from WAN (ip:69.63.180.47) detected.



So I used a whois service to find out who that is thats attacking my internet connection and I get this:
69.63.180.47 Whois
#
# Query terms are ambiguous. The query is assumed to be:
# "n 69.63.180.47"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=69.63.180.47?showDetails=true&showARIN=true
#

Facebook, Inc. TFBNET2 (NET-69-63-176-0-1) 69.63.176.0 - 69.63.191.255
American Registry for Internet Numbers NET69 (NET-69-0-0-0-0) 69.0.0.0 - 69.255.255.255


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
69.63.180.47 Server Details
IP address:
69.63.180.47
Server Location:
Palo Alto, CA in United States
ISP:
Facebook


So, what can I do about this? I usually keep FB open so I can chat to people but the server keeps jacking my connections to everything. What do?
User avatar
Kayleigh Mcneil
 
Posts: 3352
Joined: Thu Jun 29, 2006 7:32 am

Post » Tue Dec 06, 2011 9:41 am

Cancel your Facebook account. Because its stupid anyway.
User avatar
Chloe :)
 
Posts: 3386
Joined: Tue Jun 13, 2006 10:00 am

Post » Tue Dec 06, 2011 5:02 pm

http://www.neowin.net/forum/topic/496924-xmas-port-scan-attack/
User avatar
Aaron Clark
 
Posts: 3439
Joined: Fri Oct 26, 2007 2:23 pm

Post » Tue Dec 06, 2011 4:16 am

http://www.neowin.net/forum/topic/496924-xmas-port-scan-attack/


I'm not running any BT or p2p. I haven't touched one since 2002.

My connection keeps getting dropped every 10 minutes or so. Makes it impossible to play minecraft or xbox live. This has been happening off and on for the past few days.

It could be my router. It keeps losing connection to the DNS server. I am not sure though, if it was my router it should be constantly losing the connection instead of doing so at session intervals. One day it will be fine and then for a couple of hours it will just break.
User avatar
naomi
 
Posts: 3400
Joined: Tue Jul 11, 2006 2:58 pm

Post » Tue Dec 06, 2011 8:08 pm

An xmas port scan is a just a tcp packet sent with all flag bits set, it's not necessarily an attack, but you could quite easily block it if you wanted to.
User avatar
electro_fantics
 
Posts: 3448
Joined: Fri Mar 30, 2007 11:50 pm

Post » Tue Dec 06, 2011 5:01 pm

An xmas port scan is a just a tcp packet sent with all flag bits set, it's not necessarily an attack, but you could quite easily block it if you wanted to.


I have blocked all scans after seeing that in the log.
User avatar
Hilm Music
 
Posts: 3357
Joined: Wed Jun 06, 2007 9:36 pm
Post a reply

Return to Othor Games