Hi freinds!
When I look in my Tomato log (Latest EXT-version) on my Netgear WNR3500L I see this:
Feb 25 03:22:07 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=83.226.7.145 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=117 ID=13290 PROTO=UDP SPT=57652 DPT=63393 LEN=60
Feb 25 03:22:08 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=83.226.115.53 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=122 ID=9950 PROTO=UDP SPT=57346 DPT=63393 LEN=60
Feb 25 03:22:09 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=81.236.9.253 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=119 ID=20446 PROTO=UDP SPT=63042 DPT=63393 LEN=60
Feb 25 03:22:09 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:54 SRC=81.236.9.253 DST=********* LEN=84 TOS=0x00 PREC=0x00 TTL=119 ID=20447 PROTO=UDP SPT=63078 DPT=63393 LEN=64
Feb 25 03:22:09 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=83.226.7.145 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=117 ID=13548 PROTO=UDP SPT=57652 DPT=63393 LEN=60
Feb 25 03:22:09 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=212.116.91.45 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=116 ID=932 PROTO=UDP SPT=63684 DPT=63393 LEN=60
Feb 25 03:22:10 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=78.73.4.139 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=117 ID=26122 PROTO=UDP SPT=58638 DPT=63393 LEN=60
Feb 25 03:22:10 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=83.226.115.53 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=122 ID=11498 PROTO=UDP SPT=57346 DPT=63393 LEN=60
Feb 25 03:22:11 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=81.236.9.253 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=119 ID=20896 PROTO=UDP SPT=63042 DPT=63393 LEN=60
Feb 25 03:22:11 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:54 SRC=81.236.9.253 DST=********* LEN=84 TOS=0x00 PREC=0x00 TTL=119 ID=20897 PROTO=UDP SPT=63078 DPT=63393 LEN=64
Feb 25 03:22:12 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=78.73.4.139 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=117 ID=26444 PROTO=UDP SPT=58638 DPT=63393 LEN=60
Feb 25 03:22:12 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=83.226.115.53 DST=******** LEN=80 TOS=0x00 PREC=0x00 TTL=122 ID=13741 PROTO=UDP SPT=57346 DPT=63393 LEN=60
Feb 25 03:22:14 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=212.116.91.45 DST=******** LEN=80 TOS=0x00 PREC=0x00 TTL=116 ID=1202 PROTO=UDP SPT=63684 DPT=63393 LEN=60
Feb 25 03:22:14 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=78.73.4.139 DST=********* LEN=80 TOS=0x00 PREC=0x00 TTL=117 ID=26734 PROTO=UDP SPT=58638 DPT=63393 LEN=60
Feb 25 03:22:15 unknown user.warn kernel: DROP IN=vlan2 OUT= MAC=**:***:08:00:45:00:00:50 SRC=213.100.11.141 DST=******** LEN=80 TOS=0x00 PREC=0x00 TTL=115 ID=10854 PROTO=UDP SPT=56177 DPT=63393 LEN=60
What is it?
** & *** are MAC-adresses of my WNR3500L. The last one, I don't recognize.
********* is my WAN-IP :) I don't recognize the SRC IP's.
Best Regards, ctm555
Have plenty of those also.... Internet is not a peceful lnd...Many of those "attakcs" come from China (in my case)..
Thank to your firewalled router !!!
Okey, so you mean it's harmless? No problem for my bandwidth?
I checked them out, and they all come from different cities in Sweden (were I'm from). It pisses me off and makes me want to go find that ugly piece and beat him up :)
Thank you for you answear!
It's most likely a botnet or something that is just scanning entire IP blocks. I really doubt someone is targeting you personally.