Tag,
ich werde seit einigen Tagen angegriffen wenn ich mit Relakks surfe...
Meine Firewall Blockt es zwar, aber mir kommt es komisch vor, das es nur bei Relakks so ist...
Der Angriff kommt über das UDP Protokoll und geht über den Port 1434
Hier die Logfile:
Hier noch eine WhoIs abfrage von den IP'sCode:Intrusion.Win.MSSQL.worm.Helkern 202.96.87.17 UDP 1434 Intrusion.Win.MSSQL.worm.Helkern 202.101.235.100 UDP 1434 Intrusion.Win.MSSQL.worm.Helkern 203.94.243.191 UDP 1434
Hat jemand das selbe Problem bei Relakks?Code:OrgName: Asia Pacific Network Information Centre OrgID: APNIC Address: PO Box 2131 City: Milton StateProv: QLD PostalCode: 4064 Country: AU ReferralServer: whois://whois.apnic.net NetRange: 202.0.0.0 - 203.255.255.255 CIDR: 202.0.0.0/7 NetName: APNIC-CIDR-BLK NetHandle: NET-202-0-0-0-1 Parent: NetType: Allocated to APNIC NameServer: NS1.APNIC.NET NameServer: NS3.APNIC.NET NameServer: NS4.APNIC.NET NameServer: TINNIE.ARIN.NET NameServer: NS-SEC.RIPE.NET NameServer: DNS1.TELSTRA.NET Comment: This IP address range is not registered in the ARIN database. Comment: For details, refer to the APNIC Whois Database via Comment: WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry Comment: for the Asia Pacific region. APNIC does not operate networks Comment: using this IP address range and is not able to investigate Comment: spam or abuse reports relating to these addresses. For more Comment: help, refer to http://www.apnic.net/info/faq/abuse Comment: RegDate: 1994-04-05 Updated: 2005-05-20 OrgTechHandle: AWC12-ARIN OrgTechName: APNIC Whois Contact OrgTechPhone: +61 7 3858 3188 OrgTechEmail: search-apnic-not-arin@apnic.net
gruß meckl