Computer Infected?
I kept getting kicked off of my router for ~10 minutes for the past couple of days.
So I decided to check out the security logs and it spit this out:
[Sun, 2010-06-06 10:03:26] - TCP Packet - Source:192.168.0.5,58326 ,LAN - Destination:8.19.18.25,19203 ,WAN [Drop] - [FIN Scan]
[Sun, 2010-06-06 15:40:13] - TCP Packet - Source:192.168.0.5,56293 ,LAN - Destination:199.9.252.173,19203 ,WAN [Drop] - [FIN Scan]
[Sun, 2010-06-06 16:26:42] - TCP Packet - Source:192.168.0.5,30951 ,LAN - Destination:199.9.252.173,19203 ,WAN [Drop] - [FIN Scan]
[Mon, 2010-06-07 11:13:27] - TCP Session - Source:192.168.0.5,49552 ,LAN - Destination:66.102.7.190,80[HTTP] ,WAN [Reset] - [SYN Flood]
[Mon, 2010-06-07 13:40:15] - TCP Session - Source:192.168.0.5,50534 ,LAN - Destination:78.129.201.60,80[HTTP] ,WAN [Reset] - [SYN Flood]
[Mon, 2010-06-07 19:13:15] - TCP Packet - Source:192.168.0.5,30922 ,LAN - Destination:199.9.252.173,19203 ,WAN [Drop] - [FIN Scan]
192.168.0.5 is my machine and I searched FIN Scan and SYN Flood on Google.
Both are both associated with DDOS attacks.
I then did a virus scan ClamXAV... a spoof domain e-mails came up from my spam folder, but no trojans or anything like that.
Now I am trying iAntiVirus to see if it picks anything up.
Can anyone else give me suggestions on what is going on?
Message was edited by: elliotnevills
So I decided to check out the security logs and it spit this out:
[Sun, 2010-06-06 10:03:26] - TCP Packet - Source:192.168.0.5,58326 ,LAN - Destination:8.19.18.25,19203 ,WAN [Drop] - [FIN Scan]
[Sun, 2010-06-06 15:40:13] - TCP Packet - Source:192.168.0.5,56293 ,LAN - Destination:199.9.252.173,19203 ,WAN [Drop] - [FIN Scan]
[Sun, 2010-06-06 16:26:42] - TCP Packet - Source:192.168.0.5,30951 ,LAN - Destination:199.9.252.173,19203 ,WAN [Drop] - [FIN Scan]
[Mon, 2010-06-07 11:13:27] - TCP Session - Source:192.168.0.5,49552 ,LAN - Destination:66.102.7.190,80[HTTP] ,WAN [Reset] - [SYN Flood]
[Mon, 2010-06-07 13:40:15] - TCP Session - Source:192.168.0.5,50534 ,LAN - Destination:78.129.201.60,80[HTTP] ,WAN [Reset] - [SYN Flood]
[Mon, 2010-06-07 19:13:15] - TCP Packet - Source:192.168.0.5,30922 ,LAN - Destination:199.9.252.173,19203 ,WAN [Drop] - [FIN Scan]
192.168.0.5 is my machine and I searched FIN Scan and SYN Flood on Google.
Both are both associated with DDOS attacks.
I then did a virus scan ClamXAV... a spoof domain e-mails came up from my spam folder, but no trojans or anything like that.
Now I am trying iAntiVirus to see if it picks anything up.
Can anyone else give me suggestions on what is going on?
Message was edited by: elliotnevills
Macbook Pro Build 9G55, Mac OS X (10.6.3)
