In my Odido Zyxel router I have about 10 security logs/sec, like the ones below. Is this something I should take into account? xx.xx.xx.xx is my IP address.
Jan 25 16:54:51 | kern | alert | attack | kernel: [1708211.985025] UDP PORT SCAN ATTACK:IN=eth1.3 OUT= MAC=f8:0d:a9:0e:6f:81:00:0e:00:00:00:01:08:00 SRC=104.152.52.158 DST=xx.xx.xx.xx LEN=28 TOS=0x00 PREC=0x00 TTL=241 ID=8752 PROTO=UDP SPT=58013 DPT=49156 LEN=8
Jan 25 16:53:50 | kern | alert | attack | kernel: [1708150.587452] UDP PORT SCAN ATTACK:IN=eth1.3 OUT= MAC=f8:0d:a9:0e:6f:81:00:0e:00:00:00:01:08:00 SRC=104.152.52.158 DST=xx.xx.xx.xx LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=46794 PROTO=UDP SPT=58013 DPT=7 LEN=20
Jan 25 03:52:11 | kern | alert | attack | kernel: [1661301.248650] PING OF DEATH ATTACK:IN=eth1.3 OUT= MAC=f8:0d:a9:0e:6f:81:00:0e:00:00:00:01:08:00 SRC=23.92.31.220 DST=xx.xx.xx.xx LEN=34 TOS=0x00 PREC=0x00 TTL=18 ID=22377 PROTO=ICMP TYPE=8 CODE=0 ID=22377 SEQ=30
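
An added example, not part of the original post: a small Python parser for the log format shown above that tallies events per alert label and source address, so a high event rate can be broken down into how many distinct sources and destination ports are behind it. The sample input is the three lines from the post; the function names are hypothetical, and reading the key=value part as Linux netfilter-style LOG output is an assumption.

```python
import re
from collections import defaultdict

# Sample input: the three log lines from the post. Two rows carry a leading
# row-number cell from the router's log table, which the parser tolerates.
SAMPLE = """\
Jan 25 16:54:51 | kern | alert | attack | kernel: [1708211.985025] UDP PORT SCAN ATTACK:IN=eth1.3 OUT= MAC=f8:0d:a9:0e:6f:81:00:0e:00:00:00:01:08:00 SRC=104.152.52.158 DST=xx.xx.xx.xx LEN=28 TOS=0x00 PREC=0x00 TTL=241 ID=8752 PROTO=UDP SPT=58013 DPT=49156 LEN=8 | |
2 | Jan 25 16:53:50 | kern | alert | attack | kernel: [1708150.587452] UDP PORT SCAN ATTACK:IN=eth1.3 OUT= MAC=f8:0d:a9:0e:6f:81:00:0e:00:00:00:01:08:00 SRC=104.152.52.158 DST=xx.xx.xx.xx LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=46794 PROTO=UDP SPT=58013 DPT=7 LEN=20 |
10 | Jan 25 03:52:11 | kern | alert | attack | kernel: [1661301.248650] PING OF DEATH ATTACK:IN=eth1.3 OUT= MAC=f8:0d:a9:0e:6f:81:00:0e:00:00:00:01:08:00 SRC=23.92.31.220 DST=xx.xx.xx.xx LEN=34 TOS=0x00 PREC=0x00 TTL=18 ID=22377 PROTO=ICMP TYPE=8 CODE=0 ID=22377 SEQ=30 |
"""

# Optional row number, timestamp, then the alert label in front of "ATTACK:".
LINE_RE = re.compile(r"^(?:\d+ \| )?(\w{3} +\d+ [\d:]+) \|.*?\] ([A-Z ]+?) ATTACK:(.*)$")
KV_RE = re.compile(r"(\w+)=(\S*)")  # value may be empty, as in "OUT="

def parse_line(line):
    """Return one event as a dict, or None if the line is not in this format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, label, rest = m.groups()
    fields = {}
    for key, value in KV_RE.findall(rest):
        # LEN and ID appear twice; keep the first (IP header) occurrence.
        fields.setdefault(key, value)
    return {"time": ts, "label": label, **fields}

def summarize(text):
    """Group events by (label, source IP); count them and collect target ports."""
    stats = defaultdict(lambda: {"count": 0, "ports": set()})
    for line in text.splitlines():
        event = parse_line(line)
        if event is None:
            continue  # skip blank or unrelated lines
        entry = stats[(event["label"], event.get("SRC"))]
        entry["count"] += 1
        if event.get("DPT", "").isdigit():  # ICMP events have no DPT
            entry["ports"].add(int(event["DPT"]))
    return dict(stats)

if __name__ == "__main__":
    for (label, src), entry in summarize(SAMPLE).items():
        print(f"{label:15} {src:16} events={entry['count']} ports={sorted(entry['ports'])}")
```
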