Print Thread
I'm a one-man-band software developer working from home. I do have a fixed IP, that's what AA give, but this seems crazy. Just in the last hour I've got over 200 attacks logged. Is that unusual?
I've checked three or four of the addresses and they're all listed as owned by Amazon AWS.
The router seems to be handling it comfortably and nothing seems to be getting through so I suppose I shouldn't be worried, I just wonder if this is a common experience or am I particularly blessed.
The latest crop, with my ip removed manually, is
Jan 29 17:05:08 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=43.218.46.66 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=10522 DF PROTO=ICMP TYPE=8 CODE=0 ID=5 SEQ=9492 MARK=0x10000000
Jan 29 17:05:09 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=13.51.198.199 DST=<My fixed ip> LEN=36 TOS=0x00 PREC=0x00 TTL=237 ID=2643 DF PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=18370 MARK=0x10000000
Jan 29 17:05:09 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=16.170.252.111 DST=<My fixed ip> LEN=36 TOS=0x00 PREC=0x00 TTL=238 ID=41817 DF PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=18370 MARK=0x10000000
Jan 29 17:05:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=16.171.11.217 DST=<My fixed ip> LEN=36 TOS=0x00 PREC=0x00 TTL=238 ID=12447 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=22963 MARK=0x10000000
Jan 29 17:05:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=13.51.176.36 DST=<My fixed ip> LEN=36 TOS=0x00 PREC=0x00 TTL=237 ID=18812 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=22963 MARK=0x10000000
Jan 29 17:05:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.137.16.187 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=43097 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:05:11 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.136.39.218 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=61679 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:05:11 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.137.7.167 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=39391 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:05:11 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.136.160.114 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=317 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:05:11 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=43.218.34.223 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=10914 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:05:11 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.137.76.45 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=24296 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:06:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=16.170.252.111 DST=<My fixed ip> LEN=36 TOS=0x00 PREC=0x00 TTL=238 ID=45316 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=22963 MARK=0x10000000
Jan 29 17:06:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.136.168.205 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=1965 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:06:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=16.170.210.152 DST=<My fixed ip> LEN=36 TOS=0x00 PREC=0x00 TTL=238 ID=53323 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=22963 MARK=0x10000000
Jan 29 17:06:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.137.169.245 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=51202 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:06:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=13.51.69.143 DST=<My fixed ip> LEN=36 TOS=0x00 PREC=0x00 TTL=237 ID=33949 DF PROTO=ICMP TYPE=8 CODE=0 ID=10 SEQ=22963 MARK=0x10000000
Jan 29 17:06:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.136.158.71 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=64916 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
Jan 29 17:06:10 kern.alert kernel: IN=ppp3.4 OUT= MAC= SRC=108.137.156.160 DST=<My fixed ip> LEN=36 TOS=0x08 PREC=0x20 TTL=241 ID=54595 DF PROTO=ICMP TYPE=8 CODE=0 ID=21 SEQ=22108 MARK=0x10000000
