[caiu] ataques

Gabriel Bemfica gobemfica em gmail.com
Quinta Agosto 21 17:30:30 BRT 2014


Tou com o Kurt, mas com ressalvas. Se for algo realmente grave, que possa
afetar um ISP ou site específico, deve ser relatado a fim de avisar na
lista caso clientes de outros membros daqui reclamem de indisponibilidade.
Pedidos de ajuda também seriam recebidos sem muitos problemas, creio,
embora não seja esse o intuito da lista, e existam outras onde esse assunto
pode ser melhor abordado.

No caso, foi desnecessário porque a escassez de informações nos faz
acreditar que se trate de um ataque a uma rede fechada (corporativa ou
mesmo residencial), algo habitual e sem relevância na lista.

Gabriel Bemfica

Gerente de integração - Loci Soluções
Em 21/08/2014 17:22, "Leonardo da Silva Fiuza Pina" <
leonardo.pina em lbr.com.br> escreveu:

> Você pregou o prego com uma única martelada, Kurt.
>
> Cordial cumprimento.
>
> On 08/21/2014 17:10, Kurt Kraut wrote:
>
>> Olá,
>>
>>
>> Okay, se o cara é atacado a internet dele caiu. Mas o que é que nós
>> podemos
>> fazer quanto a isso, ainda mais como no início do e-mail dele em que ele
>> deu absolutamente nenhuma informação? Não vejo como essa comunidade aqui
>> pode ajudar num caso dele além de terapia de grupo. O cara não pediu
>> sugestão de como se proteger, como evitar, como mitigar. Não pediu
>> qualquer
>> tipo de sugestão, orientação ou apoio. Não temos o que responder a ele,
>> logo, ele não tinha que ter nos enviado este e-mail.
>>
>> Em vez de ignorar estou tentando aqui evidenciar o problema com dois
>> objetivos: 1) o OP ser mais claro e conseguir a ajuda que precisa 2)
>> reforçar uma boa cultura e hábito em nossa comunidade para que ela
>> continue
>> produtiva.
>>
>>
>>
>> Abraços,
>>
>> Kurt Kraut
>>
>>
>> Em 21 de agosto de 2014 14:56, Leonardo da Silva Fiuza Pina <
>> leonardo.pina em lbr.com.br> escreveu:
>>
>>  O raciocínio dele é simples: o ataque pode torná-lo inacessível da
>>> Internet; logo, /caiu/.
>>>
>>> Cordial cumprimento.
>>>
>>>
>>> On 08/21/2014 14:54, Roberto Lima wrote:
>>>
>>>  Sofremos ataques diariamente, isso nunca foi novidade pra ninguem. Mas
>>>> ainda nao entendi o que a lista Caiu tem a ver com divulgação de
>>>> ataques..
>>>>
>>>>
>>>> Em 21 de agosto de 2014 14:08, Luiz Fernando Souza Machado <
>>>> lfsm10 em gmail.com
>>>>
>>>>  escreveu:
>>>>> Gostaria de saber se mais alguém teve o mesmo ataque hoje.
>>>>>
>>>>> Segue um log, troquei meu IP por 255.255.255.255.
>>>>>
>>>>> 10:02:10.093835 IP 80.7.11.108.38944 > 255.255.255.255.65150: Flags
>>>>> [S],
>>>>> seq 1226939928, win 37591, length 0
>>>>>
>>>>> 10:02:10.093933 IP 173.119.116.49.43153 > 255.255.255.255.62377: Flags
>>>>> [S],
>>>>> seq 859886238, win 37244, length 0
>>>>>
>>>>> 10:02:10.094035 IP 148.192.0.113.45161 > 255.255.255.255.1320: Flags
>>>>> [S],
>>>>> seq 2072826626, win 31924, length 0
>>>>>
>>>>> 10:02:10.094141 IP 73.70.0.16.51842 > 255.255.255.255.33376: Flags [S],
>>>>> seq
>>>>> 843167426, win 46015, length 0
>>>>>
>>>>> 10:02:10.094236 IP 52.143.116.40.39804 > 255.255.255.255.31910: Flags
>>>>> [S],
>>>>> seq 979897577, win 26780, length 0
>>>>>
>>>>> 10:02:10.094326 IP 46.248.76.47.37399 > 255.255.255.255.54897: Flags
>>>>> [S],
>>>>> seq 1647675188, win 16031, length 0
>>>>>
>>>>> 10:02:10.094419 IP 144.117.208.21.56195 > 255.255.255.255.13434: Flags
>>>>> [S],
>>>>> seq 2095446340, win 30014, length 0
>>>>>
>>>>> 10:02:10.094508 IP 52.30.156.82.35698 > 255.255.255.255.43305: Flags
>>>>> [S],
>>>>> seq 768980348, win 29779, length 0
>>>>>
>>>>> 10:02:10.094597 IP 165.0.6.29.186 > 255.255.255.255.4501: Flags [S],
>>>>> seq
>>>>> 838880742, win 62587, length 0
>>>>>
>>>>> 10:02:10.094616 IP 165.0.6.29.186 > 192.168.1.20.4501: Flags [S], seq
>>>>> 838880742, win 62587, length 0
>>>>>
>>>>> 10:02:10.094621 IP 146.83.133.98.62432 > 255.255.255.255.42390: Flags
>>>>> [S],
>>>>> seq 1599877116, win 26575, length 0
>>>>>
>>>>> 10:02:10.094712 IP 118.222.80.50.11263 > 255.255.255.255.34357: Flags
>>>>> [S],
>>>>> seq 1619399666, win 48898, length 0
>>>>>
>>>>> 10:02:10.094801 IP 64.221.56.33.32338 > 255.255.255.255.9430: Flags
>>>>> [S],
>>>>> seq 1267898160, win 22455, length 0
>>>>>
>>>>> 10:02:10.094889 IP 3.127.140.104.34687 > 255.255.255.255.11062: Flags
>>>>> [S],
>>>>> seq 1300018597, win 49464, length 0
>>>>>
>>>>> 10:02:10.094977 IP 167.21.64.43.921 > 255.255.255.255.63675: Flags [S],
>>>>> seq
>>>>> 1395565597, win 53389, length 0
>>>>>
>>>>> 10:02:10.095066 IP 193.84.40.112.21735 > 255.255.255.255.3058: Flags
>>>>> [S],
>>>>> seq 507569849, win 9259, length 0
>>>>>
>>>>> 10:02:10.095153 IP 98.156.210.56.49469 > 255.255.255.255.63049: Flags
>>>>> [S],
>>>>> seq 1345491446, win 42502, length 0
>>>>>
>>>>> 10:02:10.095242 IP 216.40.89.121.19578 > 255.255.255.255.21288: Flags
>>>>> [S],
>>>>> seq 946174512, win 19347, length 0
>>>>>
>>>>> 10:02:10.095330 IP 137.169.128.72.57659 > 255.255.255.255.30931: Flags
>>>>> [S],
>>>>> seq 611121696, win 16513, length 0
>>>>>
>>>>> 10:02:10.095417 IP 94.93.2.14.63905 > 255.255.255.255.46348: Flags [S],
>>>>> seq
>>>>> 2130990594, win 23695, length 0
>>>>>
>>>>> 10:02:10.095506 IP 44.112.236.114.45840 > 255.255.255.255.2535: Flags
>>>>> [S],
>>>>> seq 1588854382, win 17586, length 0
>>>>>
>>>>> 10:02:10.095593 IP 1.86.112.127.61572 > 255.255.255.255.3274: Flags
>>>>> [S],
>>>>> seq 1167592749, win 25779, length 0
>>>>>
>>>>> 10:02:10.095680 IP 104.163.189.79.27315 > 255.255.255.255.27540: Flags
>>>>> [S],
>>>>> seq 301397897, win 2733, length 0
>>>>>
>>>>> 10:02:10.095777 IP 255.255.255.255.443 > 220.230.161.96.45922: Flags
>>>>> [S.],
>>>>> seq 1166290185, ack 529404657, win 14600, options [mss 1460], length 0
>>>>>
>>>>> 10:02:10.095784 IP 54.210.145.26.63838 > 255.255.255.255.63346: Flags
>>>>> [S],
>>>>> seq 1505751667, win 11543, length 0
>>>>>
>>>>> 10:02:10.095875 IP 143.215.223.14.50727 > 255.255.255.255.40573: Flags
>>>>> [S],
>>>>> seq 4900498, win 16280, length 0
>>>>>
>>>>> 10:02:10.095964 IP 112.172.79.17.57380 > 255.255.255.255.10326: Flags
>>>>> [S],
>>>>> seq 505928773, win 31901, length 0
>>>>>
>>>>> 10:02:10.096053 IP 32.155.171.56.15974 > 255.255.255.255.43041: Flags
>>>>> [S],
>>>>> seq 737525906, win 11244, length 0
>>>>>
>>>>> 10:02:10.096141 IP 29.223.203.22.719 > 255.255.255.255.43390: Flags
>>>>> [S],
>>>>> seq 1690479249, win 34874, length 0
>>>>>
>>>>> 10:02:10.096228 IP 15.255.33.78.29507 > 255.255.255.255.45482: Flags
>>>>> [S],
>>>>> seq 1496732337, win 12900, length 0
>>>>>
>>>>> 10:02:10.096315 IP 124.100.27.101.25844 > 255.255.255.255.30867: Flags
>>>>> [S],
>>>>> seq 668929416, win 17175, length 0
>>>>>
>>>>> 10:02:10.096403 IP 30.121.136.39.63871 > 255.255.255.255.23527: Flags
>>>>> [S],
>>>>> seq 1118247869, win 16537, length 0
>>>>>
>>>>> 10:02:10.096490 IP 45.209.8.83.53640 > 255.255.255.255.10112: Flags
>>>>> [S],
>>>>> seq 2109673125, win 28860, length 0
>>>>>
>>>>> 10:02:10.096577 IP 79.127.103.82.19723 > 255.255.255.255.27249: Flags
>>>>> [S],
>>>>> seq 1536973436, win 20231, length 0
>>>>>
>>>>> 10:02:10.096665 IP 106.134.109.69.42535 > 255.255.255.255.18143: Flags
>>>>> [S],
>>>>> seq 214845755, win 56033, length 0
>>>>>
>>>>> 10:02:10.096751 IP 52.41.214.101.38951 > 255.255.255.255.2392: Flags
>>>>> [S],
>>>>> seq 2012304916, win 3228, length 0
>>>>>
>>>>> 10:02:10.096839 IP 166.78.31.25.48946 > 255.255.255.255.10330: Flags
>>>>> [S],
>>>>> seq 865370752, win 28366, length 0
>>>>>
>>>>> 10:02:10.096935 IP 60.104.147.34.17953 > 255.255.255.255.7937: Flags
>>>>> [S],
>>>>> seq 1355186960, win 3128, length 0
>>>>>
>>>>> 10:02:10.097024 IP 41.221.197.48.16877 > 255.255.255.255.27995: Flags
>>>>> [S],
>>>>> seq 828213759, win 45104, length 0
>>>>>
>>>>> 10:02:10.097109 IP 179.234.117.35.4524 > 255.255.255.255.80: Flags [.],
>>>>> ack
>>>>> 4287715939, win 65050, length 0
>>>>>
>>>>> 10:02:10.097117 IP 179.234.117.35.4524 > 255.255.255.255.80: Flags
>>>>> [F.],
>>>>> seq 0, ack 1, win 65050, length 0
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Em 21 de agosto de 2014 12:25, Leo S. Filho <leosfilho em gmail.com>
>>>>> escreveu:
>>>>>
>>>>>   Por favor passe mais detalhes.
>>>>>
>>>>>> Em 21/08/2014 10:46, "Luiz Fernando Souza Machado" <lfsm10 em gmail.com>
>>>>>> escreveu:
>>>>>>
>>>>>>   acabamos de sofrer um ataque de Syn flood distribuido.
>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Atenciosamente
>>>>>>> Luiz Fernando Machado
>>>>>>> _______________________________________________
>>>>>>> caiu mailing list
>>>>>>> caiu em eng.registro.br
>>>>>>> https://eng.registro.br/mailman/listinfo/caiu
>>>>>>>
>>>>>>>
>>>>>>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>>>>>>>
>>>>>>> https://eng.registro.br/mailman/options/caiu
>>>>>>>
>>>>>>>   _______________________________________________
>>>>>>>
>>>>>> caiu mailing list
>>>>>> caiu em eng.registro.br
>>>>>> https://eng.registro.br/mailman/listinfo/caiu
>>>>>>
>>>>>>
>>>>>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>>>>>>
>>>>>> https://eng.registro.br/mailman/options/caiu
>>>>>>
>>>>>>
>>>>>>  --
>>>>>
>>>>> Atenciosamente
>>>>> Luiz Fernando Machado
>>>>> _______________________________________________
>>>>> caiu mailing list
>>>>> caiu em eng.registro.br
>>>>> https://eng.registro.br/mailman/listinfo/caiu
>>>>>
>>>>>
>>>>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>>>>>
>>>>> https://eng.registro.br/mailman/options/caiu
>>>>>
>>>>>   _______________________________________________
>>>>>
>>>> caiu mailing list
>>>> caiu em eng.registro.br
>>>> https://eng.registro.br/mailman/listinfo/caiu
>>>>
>>>>
>>>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>>>>
>>>> https://eng.registro.br/mailman/options/caiu
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>  --
>>>
>>>
>>> ---
>>> This email is free from viruses and malware because avast! Antivirus
>>> protection is active.
>>> http://www.avast.com
>>>
>>> _______________________________________________
>>> caiu mailing list
>>> caiu em eng.registro.br
>>> https://eng.registro.br/mailman/listinfo/caiu
>>>
>>>
>>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>>>
>>> https://eng.registro.br/mailman/options/caiu
>>>
>>>  _______________________________________________
>> caiu mailing list
>> caiu em eng.registro.br
>> https://eng.registro.br/mailman/listinfo/caiu
>>
>>
>> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>>
>> https://eng.registro.br/mailman/options/caiu
>>
>> !DSPAM:1,53f65270285541540530292!
>>
>>
>>
> --
>
>
> ---
> This email is free from viruses and malware because avast! Antivirus
> protection is active.
> http://www.avast.com
> _______________________________________________
> caiu mailing list
> caiu em eng.registro.br
> https://eng.registro.br/mailman/listinfo/caiu
>
>
> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>
> https://eng.registro.br/mailman/options/caiu
>


More information about the caiu mailing list