Accessibility Resource Center Skip to main content
Get it fast with In-Store & Curbside Pickup or same day delivery.

Intrusion Attacks from murikon.com

Reply
mtaskew
Contributor
Contributor
Posts: 1
Registered: ‎03-01-2009

Intrusion Attacks from murikon.com

Message 1 of 6
(6,327 Views)

I'm getting intrusion attacks from murikon.com (78.159.96.17, 80)  I looked them up on whois but the phone number for the domain administrator is disconnected.  Does Verizon block attacking domains/computers?

 

5 REPLIES 5
prisaz
Platinum Contributor III
Platinum Contributor III
Posts: 6,820
Registered: ‎08-23-2008

Re: Intrusion Attacks from murikon.com

Message 2 of 6
(6,318 Views)

I get regular attacks from SQL server worms and others. I don't think Verizon would have anything to do with blocking them. Your router should catch these and drop the packets. How are you seeing these? Are these in your router firewall logs? If so, then most these attacks will do is a denial of service D.O.S., if your router is being hammered. Try rebooting your router to get another IP address. If you are concerned that these might be getting through, you can always check for open ports on your router. Go to grc.com shields up page and do a security scan on your connection. http://www.grc.com/intro.htm Another this would be to block Inbound ICMP traffic in your router. Ping requests. This would make you virtually invisable to the internet. I have everything blocked but still there are machines that go blindly on the net and attack various IP address.

 

Most of the attacks I get come from Asia Pacific Network.

The address you posted comes back to this location in Europe. Almost imposible to stop. 

Location: Frankfurt am Main (50.133N, 8.672E)

Network: 78-RIPE

 

Message Edited by prisaz on 03-01-2009 08:20 AM
Message Edited by prisaz on 03-01-2009 08:21 AM
Techman28
Gold Contributor IV
Gold Contributor IV
Posts: 1,340
Registered: ‎10-13-2008

Re: Intrusion Attacks from murikon.com

Message 3 of 6
(6,195 Views)

guys if that happens report that to abuse@verizon.net

prisaz
Platinum Contributor III
Platinum Contributor III
Posts: 6,820
Registered: ‎08-23-2008

Re: Intrusion Attacks from murikon.com

Message 4 of 6
(6,191 Views)

@Techman28 wrote:

guys if that happens report that to abuse@verizon.net


 

Cool. Should I send them copies of my firewall and intrustion detection system logs. This happens every day. At times from just randomly infected machines, or systems that may have a virus and are tring to exploit SQL server bugs. Not running SQL but these attack seem to be just targeting random IP addresses. I would be sending many mails a day. Mostly exploit attemps from China.
Techman28
Gold Contributor IV
Gold Contributor IV
Posts: 1,340
Registered: ‎10-13-2008

Re: Intrusion Attacks from murikon.com

Message 5 of 6
(6,158 Views)

yes

prisaz
Platinum Contributor III
Platinum Contributor III
Posts: 6,820
Registered: ‎08-23-2008

Re: Intrusion Attacks from murikon.com

Message 6 of 6
(6,129 Views)

I will. Here is a sample of a log entry I will send them. This happens daily. Many hot computers out there still spewing this stuff from China. Intentional?

 

IPCop IDS snort log
Date: 5 March

Date: 03/05 08:54:11
Name: MS-SQL version overflow attempt
Priority: 3
Type: Misc activity
IP Info: 220.173.32.104:65106 -> 173.66.189.104:1434
SID: 2050
Refs:

Date: 03/05 08:54:11
Name: MS-SQL Worm propagation attempt
Priority: 2
Type: Misc Attack
IP Info: 220.173.32.104:65106 -> 173.66.189.104:1434
SID: 2003
Refs:

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.
Have a spare Fios-G1100?Learn how to bridge it into your network
Get Started


Covid19

Browse Categories
Categories:
Posts

Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.