首页 注册 登录
V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
iry232
V2EX  ›  程序员

这是什么攻击?

  •   
  •   iry232 · 2016-10-30 14:02:07 +08:00 · 4589 次点击
    这是一个创建于 2948 天前的主题,其中的信息可能已经有所发展或是发生改变。

    主路由刷了 tomato 固件,开启了 dnscrypt-proxy firewall 开启了 Respond to ICMP ping

    副路由是 r7000,官方原版固件 最近老是出现 DoS attack: Smurf 和 Self2WAN ICMP type b Detected!

    帖上部分日志

    [DoS attack: Smurf] attack packets in last 20 sec from ip [27.187.118.255],Saturday, Oct 22,2016 14:57:33

    [DoS attack: Smurf] attack packets in last 20 sec from ip [27.187.118.255],Saturday, Oct 22,2016 14:57:12

    [DoS attack: Smurf] attack packets in last 20 sec from ip [218.88.26.255], Saturday,Oct 22,2016 14:56:11

    [DoS attack: Smurf] attack packets in last 20 sec from ip [218.88.26.255], Saturday,Oct 22,2016 14:55:50

    [DoS attack: Smurf] attack packets in last 20 sec from ip [218.88.26.255], Saturday,Oct 22,2016 14:53:32

    [DoS attack: Smurf] attack packets in last 20 sec from ip [218.88.26.255], Saturday,Oct 22,2016 14:53:10

    [DoS attack: Smurf] attack packets in last 20 sec from ip [218.88.26.255], Saturday,Oct 22,2016 14:51:29

    [DoS attack: Smurf] attack packets in last 20 sec from ip [218.88.26.255], Saturday,Oct 22,2016 14:51:08

    Self2WAN ICMP type b Detected!] To prevent from revealing router's activity, this packet is drop Saturday, Oct 22,2016 14:16:56

    [DoS attack: Smurf] attack packets in last 20 sec from ip [61.167.151.255],Saturday, Oct 22,2016 13:55:03

    [DoS attack: Smurf] attack packets in last 20 sec from ip [61.167.151.255],Saturday, Oct 22,2016 13:54:42

  • Attack
  • Saturday
  • Oct
  • smurf
    4 条回复
    iry232
        2
    iry232  
    OP
       2016-10-30 18:01:17 +08:00 via iPhone
    应该是 r7000 的防火墙拒绝了
    ericgui
        3
    ericgui  
       2016-10-31 12:39:03 +08:00
    我来献丑了,刚学的。这是 smurf 攻击,对你整个 network 进行 directed broadcast ,假设你的 IP 是 C 类 IP 地址, 218.88.26.X ,就对这个 IP : 218.88.26.255 发送 broadcast ,然后整个 network 里所有主机都会收到这个广播了。因此路由器由于安全原因是默认 drop this type of broadcast traffic 。

    这是 DDoS 攻击的一种。

    刚在看 CCNA 的教程,如果有错,请指正!
    iry232
        4
    iry232  
    OP
       2016-10-31 15:14:17 +08:00 via iPhone
    @ericgui
    thanks a lot!原来是广播到整个网络了
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1032 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 25ms · UTC 22:22 · PVG 06:22 · LAX 14:22 · JFK 17:22
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.