This IP address:
Code:
[LAN access from remote] from 121.14.229.199:6000 to 192.168.1.5:80, Wednesday, October 21,2009 04:38:24
Not listed as a suspected DDOS attack, but maintained by APNIC.
This IP address:
Code:
[DoS Attack: ACK Scan] from source: 213.199.149.148, port 80, Wednesday, October 21,2009 01:18:40
Listed as a suspected DOS attack,
NOT maintained by APNIC.
If you want to complain to someone, or get more information from someone about the origins of the IP address that's involved with the 'attack' you need to either talk to Microsoft (who will not be interested as there's nothing they can do) or RIPE (who will tell you that it's an IP address issued to Microsoft, and that there's nothing they can do).
Personally, I think that the first IP address is more likely to be the 'suspect' one and that it's far more likely that any 'attack' will have come from there. The second one is more likely a backrground Internet request that's gottent picked up by an overly sensitive firewall.
You really can spend your entire life trying to chase these things down and get bloody nowhere.
---------- Post added at 15:08 ---------- Previous post was at 15:07 ----------
Quote:
Originally Posted by webcrawler2050
Yes but they issued the ip so will have contact details for the owner. Which seems to point to "GSTA.COM" and or "Shantou Hengxin Techonlogy Co.,Ltd"
|
Yes, but the OP wants to talk to them about a
DOS ATTACK, and the IP listed as being responsible for the
DOS ATTACK isn't one of theirs, it's one of RIPE's and is assigned to Microsoft.