Router showing random outgoing DOS activity since Mavericks update?
Hello, Looking to see if anyone is encountering a similar issue since the Mavericks update.
My iMac is connected to the Internet using a Draktek router, everything has previously been working fine.
The router has a facility where it can send an email when it detects VPN connections and Denial Of Service attacks.
Since the Mavericks update, I'm getting loads of random emails with the following, which seems to suggest that the iMac is attempting to connect to a range of sequential ports at an IP address that seems to belong to Apple.
The 192.168.0.24 is my internal IP of the iMac which happens to be the wireless rather than the Ethernet IP.
I know I could switch the email function off on the router, however I’m curious as to what process is sequentially going through ports.
I have only copied a small section below, today there was 26 emails of the same but with sequencing ports.
Pre Mavericks you I got a few emails a month where it was a genuine DOS issue on the internet side IP.
Any thoughts anyone?
Thanks
2013/10/26 00:44:29 -- [DOS][Block][tcp_flag, scanner=fin_wo_ack][192.168.0.24:52028->17.172.208.43:443][TCP][HLen=20, TLen=52, Flag=F, Seq=2591126476, Ack=0, Win=65535]
2013/10/26 00:53:31 -- [DOS][Block][tcp_flag, scanner=fin_wo_ack][192.168.0.24:52063->17.172.208.43:443][TCP][HLen=20, TLen=52, Flag=F, Seq=4115121682, Ack=0, Win=65535]
2013/10/26 00:53:31 -- [DOS][Block][tcp_flag, scanner=fin_wo_ack][192.168.0.24:52064->17.172.208.43:443][TCP][HLen=20, TLen=52, Flag=F, Seq=12381466, Ack=0, Win=65535]
2013/10/26 00:53:31 -- [DOS][Block][tcp_flag, scanner=fin_wo_ack][192.168.0.24:52065->17.172.208.43:443][TCP][HLen=20, TLen=52, Flag=F, Seq=3046506818, Ack=0, Win=65535]
2013/10/26 00:53:31 -- [DOS][Block][tcp_flag, scanner=fin_wo_ack][192.168.0.24:52066->17.172.208.43:443][TCP][HLen=20, TLen=52, Flag=F, Seq=3479243549, Ack=0, Win=65535]
iMac, OS X Mavericks (10.9)