[ubuntu-uk] Should I be worried by these strange 'trace routes'?
mac
ammonius.grammaticus at gmx.co.uk
Fri Mar 27 21:04:59 UTC 2015
Hi folks
Apologies if this is a off topic, but I could do with a bit of advice,
and can't think where else to ask.
I have a Draytek router with 'DoS Defences' set up in the firewall,
including 'block trace_route'.
A few weeks ago, I got email alerts from my router to say it was
blocking trace routes coming from within a block of IP addresses owned
by Internap Network Services in Georgia, USA. This happened a few days
in a row. So I turned off my modem and router over night, and got
reassigned a different dynamic IP by my ISP.
Today, my router alerted me that it was blocking the same source again
trace routing my new IP address:
2015/03/27 19:45:23 --[DOS][Block][trace_route][70.42.24.18:36107->
<MyIPAddress>:33444][UDP][HLen=20,TLen=44]
2015/03/27 19:45:24 --[DOS][Block][trace_route][70.42.24.18:36107->
<MyIPAddress>:33445][UDP][HLen=20,TLen=44]
2015/03/27 19:45:28 --[DOS][Block][trace_route][70.42.24.24:36110->
<MyIPAddress>:33441][UDP][HLen=20,TLen=44]
2015/03/27 19:45:29 --[DOS][Block][trace_route][70.42.24.24:36110->
<MyIPAddress>:33442][UDP][HLen=20,TLen=44]
2015/03/27 19:45:33 --[DOS][Block][trace_route][70.42.24.27:36108->
<MyIPAddress>:33443][UDP][HLen=20,TLen=44]
I'm not running any servers on my home network, and I don't have any
non-standard ports open.
I'm not very knowledgeable about networking. Tech support at my ISP was
at a loss for an explanation of what's going on here.
I'd be really grateful for advice about whether and how I need to pursue
this issue; and - if this is too off-topic here - where would be a good
place to check this out further.
Many thanks in advance for any advice/suggestions.
mac
More information about the ubuntu-uk
mailing list