Found a bunch of DoS Attack: ACK Scan in router logs. Originating from FB, Twitter, Tata Communication servers Can some one at FB/Twitter comment if these logs are false positive? This one from FB-Whatsapp: [DoS Attack: ACK Scan] from source: 157.240.22.54, port 5222, Monday, May 13, 2019 18:54:27 [DoS Attack: ACK Scan] from source: 157.240.22.54, port 5222, Monday, May 13, 2019 18:52:24 [DoS Attack: ACK Scan] from source: 157.240.22.54, port 5222, Monday, May 13, 2019 18:50:21 [DoS Attack: ACK Scan] from source: 157.240.22.54, port 5222, Monday, May 13, 2019 18:48:18 [DoS Attack: ACK Scan] from source: 157.240.22.54, port 5222, Monday, May 13, 2019 18:46:16 [DoS Attack: ACK Scan] from source: 157.240.22.54, port 5222, Monday, May 13, 2019 18:44:29 This one from Twitter: [DoS Attack: ACK Scan] from source: 104.244.42.136, port 443, Monday, May 13, 2019 17:45:14 [DoS Attack: ACK Scan] from source: 104.244.42.1, port 443, Monday, May 13, 2019 17:44:09 [DoS Attack: ACK Scan] from source: 104.244.42.2, port 443, Monday, May 13, 2019 17:44:08 This one from China unicom: [DoS Attack: SYN/ACK Scan] from source: 43.249.192.252, port 19441, Monday, May 13, 2019 18:09:09
I love when people connect, forget they are connecting and start yelling “ack scan!!!!”. Is this Symantec firewall????
CHYNA
You shouldn’t have posted this OP. They know you know too much.
1) someone in your network is accessing these services. 2) your Netgear is a piece of shite
We ran an ack scan to figure out your device. Now we know it's a Netgear thanks to your post
When did blind become the Infosec coms channel for IP sharing?
Why so bitter?
I’m just asking a question