I think my laptop is updating an attacker with my IP?
I am baffled. I have a laptop here next to me acting as a web server. It is connected to the internet using a NAT'ed router. I have a dynamic ip address which I have changed multiple time in order to get this ip here, 22.214.171.124 to leave me alone.
So far the only way I have gotten them to stop scanning my ports is to either edit pf.conf and block everything in all directions or unplug the machine entirely. I can't seem to find anything unusual showing up in pflog
If I open up the ports www, domain, and https on the server and use the router to block all access to it I still end up seeing things like this appear in it's logs several times a day.
[DoS Attack: ACK Scan] from source: 126.96.36.199, port 80 [DoS Attack: ACK Scan] from source: 188.8.131.52, port 443
This computer has been compromised before when it had windows on it, but since then it's been wiped and reformatted several times. I believe my computer may still be compromised somehow, but I don't what to do about it. My other machines don't appear to do this, however one is new and the other has had its hard drive replaced.
I'm fairly new at all of this and have no idea what to do next. Does anyone know what's going on?
|Thread||Thread Starter||Forum||Replies||Last Post|
|Do I need xsrc etc when updating a release?||claytonl||NetBSD Installation and Upgrading||0||12th October 2011 01:40 AM|
|Updating Wikipedia screenshots||rpindy||OpenBSD General||15||29th May 2011 10:14 PM|
|patching or updating ?||dennky||OpenBSD Installation and Upgrading||12||14th January 2010 07:17 PM|
|/usr became full while updating via cvs||IronForge||OpenBSD Installation and Upgrading||3||6th January 2010 01:08 PM|
|Updating FreeBSD||carpman||FreeBSD Installation and Upgrading||6||26th October 2008 11:49 AM|