Forum Index | Search | Register (New User) | Login (Existing User) | Who's Online | FAQ | Main Site

Technical Discussion
  >> Security Related Issues Previous thread View all threads Next thread


Register (or login) on our website and you will not see this ad.


These posts have been archived and can no longer be replied to or modified.
  Print Thread
Standard User moggsy
(committed) Sat 28-Feb-09 11:35:10
Print Post

Strange entry in router log...


[link to this post] 		 
Hi all

Been looking through the router log that I email to myself and noticed a load of entries I've never seen before.

Here's a copy & paste of of the part of the log in question - can anyone shed any light on it for me?

Mon, 2009-02-23 23:33:50 - Administrator login successful - IP:192.168.0.2
Mon, 2009-02-23 23:49:12 - TTL7 IDQ66 DF PROTO=TCP SPTQ505 DPT�80 WINDOWe335 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:09:01 - TTL7 IDX83 DF PROTO=TCP SPTQ504 DPT�80 WINDOWe335 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:09:05 - TTL7 IDc25 DF PROTO=TCP SPTQ505 DPT�80 WINDOWe335 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:16:58 - TTL7 IDC30 DF PROTO=TCP SPTQ504 DPT�80 WINDOWE260 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:21:01 - TTL7 IDX16 DF PROTO=TCP SPTQ502 DPT�80 WINDOWe335 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:25:19 - TTL7 ID�06 DF PROTO=TCP SPTQ503 DPT�80 WINDOW`590 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:28:58 - TTL7 IDx30 DF PROTO=TCP SPTQ501 DPT�80 WINDOWe335 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:32:35 - TTL7 ID`04 DF PROTO=TCP SPTQ504 DPT�80 WINDOWT750 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:43:19 - TTL7 IDS56 DF PROTO=TCP SPTQ504 DPT�80 WINDOWW305 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:50:03 - TTL7 IDC68 DF PROTO=TCP SPTQ547 DPT�80 WINDOW425 RES=0x00 ACK URGP=0
Tue, 2009-02-24 00:51:47 - ID#916 DF PROTO=TCP SPTQ544 DPT�80 WINDOW'010 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:00:50 - ID0957 DF PROTO=TCP SPTQ544 DPT�80 WINDOW%915 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:03:00 - ID#929 DF PROTO=TCP SPTQ544 DPT�80 WINDOW#725 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:03:16 - ID'119 DF PROTO=TCP SPTQ544 DPT�80 WINDOW'740 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:09:47 - TTL7 ID642 DF PROTO=TCP SPTQ547 DPT�80 WINDOW#725 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:12:31 - TTL7 ID#28 DF PROTO=TCP SPTQ546 DPT�80 WINDOW#725 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:12:58 - TTL7 IDu71 DF PROTO=TCP SPTQ546 DPT�80 WINDOW#725 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:13:06 - TTL7 ID�60 DF PROTO=TCP SPTQ501 DPT�80 WINDOW'740 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:17:57 - TTL7 ID723 DF PROTO=TCP SPTQ545 DPT�80 WINDOW 440 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:25:23 - ID1165 DF PROTO=TCP SPTQ544 DPT�80 WINDOW 805 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:26:50 - ID698 DF PROTO=TCP SPTQ543 DPT�80 WINDOW$820 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:28:08 - x00 TTL7 IDQ8 DF PROTO=TCP SPTQ546 DPT�80 WINDOW(105 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:28:17 - TTL7 ID%13 DF PROTO=TCP SPTQ547 DPT�80 WINDOW)200 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:30:49 - TTL7 ID&27 DF PROTO=TCP SPTQ547 DPT�80 WINDOW&280 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:34:07 - ID327 DF PROTO=TCP SPTQ544 DPT�80 WINDOW$455 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:34:16 - ID361 DF PROTO=TCP SPTQ543 DPT�80 WINDOW(105 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:35:01 - ID'940 DF PROTO=TCP SPTQ543 DPT�80 WINDOW)930 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:36:48 - ID 490 DF PROTO=TCP SPTQ544 DPT�80 WINDOW&645 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:38:06 - TTL7 IDa18 DF PROTO=TCP SPTQ547 DPT�80 WINDOW1390 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:40:45 - ID944 DF PROTO=TCP SPTQ544 DPT�80 WINDOW%185 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:42:42 - TTL7 IDX20 DF PROTO=TCP SPTQ546 DPT�80 WINDOW3215 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:48:48 - ID&663 DF PROTO=TCP SPTQ544 DPT�80 WINDOW%550 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:49:20 - TTL7 ID88 DF PROTO=TCP SPTQ545 DPT�80 WINDOW%185 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:49:33 - TTL7 IDF39 DF PROTO=TCP SPTQ547 DPT�80 WINDOW%550 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:51:04 - ID&005 DF PROTO=TCP SPTQ544 DPT�80 WINDOW%550 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:56:50 - TTL7 ID�44 DF PROTO=TCP SPTQ546 DPT�80 WINDOW'375 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:58:57 - TTL7 IDp50 DF PROTO=TCP SPTQ546 DPT�80 WINDOW&280 RES=0x00 ACK URGP=0
Tue, 2009-02-24 01:59:11 - ID374 DF PROTO=TCP SPTQ544 DPT�80 WINDOW!900 RES=0x00 ACK URGP=0
Tue, 2009-02-24 02:04:28 - ID957 DF PROTO=TCP SPTQ543 DPT�80 WINDOW(470 RES=0x00 ACK URGP=0
Tue, 2009-02-24 02:07:21 - ID(265 DF PROTO=TCP SPTQ544 DPT�80 WINDOW'375 RES=0x00 ACK URGP=0
Tue, 2009-02-24 02:08:46 - ID505 DF PROTO=TCP SPTQ544 DPT�80 WINDOW0660 RES=0x00 ACK URGP=0
Tue, 2009-02-24 02:08:50 - ID537 DF PROTO=TCP SPTQ543 DPT�80 WINDOW(105 RES=0x00 ACK URGP=0
Tue, 2009-02-24 02:12:43 - TTL7 ID`81 DF PROTO=TCP SPTQ546 DPT�80 WINDOW&280 RES=0x00 ACK URGP=0
Tue, 2009-02-24 12:05:16 - LCP down.


Many thanks for any help/info.....
Reply With Quote

Moggsy
----------------------------------------------------------------------
Confucious he say; "Swinging chain mean warm seat!" smile
Standard User moggsy
(committed) Fri 20-Mar-09 09:45:35
Print Post

Re: Strange entry in router log...


[re: moggsy] [link to this post] 		 
*bump*....anyone?

Still getting these sort of strange entries...!!

Thx

Moggsy
----------------------------------------------------------------------
Confucious he say; "Swinging chain mean warm seat!" smile
Standard User deleted
(deleted) Fri 20-Mar-09 10:52:29
Print Post

Re: Strange entry in router log...


[re: moggsy] [link to this post] 		 
A mystery to me also.

Scroogle PROTO TCP includes this

"This is an ICMP Type 3 message. That type of message is sent when the
destination address is unreachable. The part of the log in brackets is the
IP header and the first 8 bytes after the IP header of the packet that could
not reach its destination. It says TCP INCOMPLETE because the full TCP
header is 20 bytes, but only 8 were there. "

I have no idea if that is relevant to your log.


Register (or login) on our website and you will not see this ad.

  Print Thread

Previous thread View all threads Next thread
Jump to