Please can anyone help? Or help me understand who or what is doing this? And am I safe to go wireless yet to all of my devices? I am currently only wired in, but do not know if they are getting in or not!!
Win 7 64 Bit
Kasperspy
Then ESET (nod32) + Malware bytes
None showed up the virus, with heuristics on...
Story is:
I have had my Laptop Hacked into, where I saw a number of times, that someone is in a file I was trying to access, and asked me to read only or notify!! ( I was on a wireless connection)
This started back in March. My router had WEP, then I changed it to WPA, and still it happened. (I have now got it on WPA/WPA2-PSK (Mixed Mode, which I believe it the most secure?)
I first noticed it a week before, so I was on the latest Kasperspy, and ran full heuristics scan, which did not bring up any results. So I changed to ESET and MAlware bytes, and did the same. Nothing!!
I changed router settings to WPA. Still I was accessed, even after doing factory reset on Router.. Which obviously defaults the router back to the default SSID and Password.
After I called Sky to sort it out, they had no idea, (and i am changing now to a different carrier this week) but after me closely monitoring it for a week, this led to my password being changed on my Laptop at exactly 14:30.00 on Saturday the 17th 2012., which meant I had no access to the laptop!
I had to get in the back door, via cmd and open up another user to get my laptop back and running.
I have also had my phones bluetooth hacked, until I put on my Blue tooth Firewall, where I and can now see the logs in the firewall of new attempts to access, which now rejects them. (Android phones 2.3.6 and 4.0).
Can anyone help me work out whoor what it is it is?
I have had my HD assessed by the Geek Squad in Oxford Street London who said that a JavaScript file which was undetectable by virus checker. This they found out by doing a 48 hour low level check on the HD from my laptop. They said the JavaScript file enabled a VPN access to it..
I had my phones linked to the laptop by cable during this time of being hacked, and am sure stuff text messages dissapeared on them.. (possible or just me going mad?)
Anyone got any ideas, or A. How to prevent, ie proxy server or something, or possibly get a "honey trap" set up?
Painful as I only want secure stress free connections to the web..
This is a sample of what is happening over the last 2 days in my system logs on my Router.
Jun 5 01:42:36 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=1.58.67.157 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=47 ID=9496 DF PROTO=TCP SPT=43579 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 02:42:16 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.36.100.42 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=47362 PROTO=TCP SPT=39320 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 02:58:04 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=75.44.146.75 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=18573 DF PROTO=TCP SPT=59834 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 02:58:07 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=75.44.146.75 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=18864 DF PROTO=TCP SPT=59834 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 02:58:13 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=75.44.146.75 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=19406 DF PROTO=TCP SPT=59834 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:10:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.108.39.71 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=20223 DF PROTO=TCP SPT=56297 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:10:26 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.108.39.71 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=20350 DF PROTO=TCP SPT=56297 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:10:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.108.39.71 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=20753 DF PROTO=TCP SPT=56297 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:32:22 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=202.222.18.88 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1290 DF PROTO=TCP SPT=44313 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 03:32:25 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=202.222.18.88 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1291 DF PROTO=TCP SPT=44313 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 04:38:35 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.251.150.74 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=49477 PROTO=TCP SPT=35140 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:41:25 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.151.133.56 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=55460 DF PROTO=TCP SPT=47596 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:41:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.151.133.56 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=55650 DF PROTO=TCP SPT=47596 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:49:06 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=183.221.248.228 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=43370 PROTO=TCP SPT=61825 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:58:11 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=189.76.166.22 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=51568 DF PROTO=TCP SPT=50842 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 5 05:58:31 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.142.39.247 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=107 ID=256 PROTO=TCP SPT=6000 DPT=8081 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 06:22:13 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.79.8.252 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=46582 DF PROTO=TCP SPT=34942 DPT=27977 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 07:33:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=116.231.239.49 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=38565 DF PROTO=TCP SPT=4594 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0
Jun 5 08:13:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=187.174.143.34 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=9496 DF PROTO=TCP SPT=29647 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 08:19:04 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=88.134.76.187 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=32633 DF PROTO=TCP SPT=48296 DPT=1081 WINDOW=512 RES=0x00 SYN URGP=0
Jun 5 08:19:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=219.235.1.182 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=102 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 09:10:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=58.215.172.230 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27850 DF PROTO=TCP SPT=5414 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 09:37:03 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=1389 DF PROTO=TCP SPT=1351 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 09:37:05 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=1815 DF PROTO=TCP SPT=1351 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 09:37:12 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=2935 DF PROTO=TCP SPT=1351 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 10:17:15 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=2966 DF PROTO=TCP SPT=52157 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:17:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=3019 DF PROTO=TCP SPT=52157 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:17:24 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=3189 DF PROTO=TCP SPT=52157 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:19:03 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=5501 DF PROTO=TCP SPT=52557 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:19:06 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=5581 DF PROTO=TCP SPT=52557 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:49:45 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.186.15.24 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=98 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 10:54:57 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.255.37.179 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=10921 DF PROTO=TCP SPT=53568 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:55:01 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.255.37.179 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=13056 DF PROTO=TCP SPT=53568 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:57:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.255.37.179 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=4102 DF PROTO=TCP SPT=53859 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 11:29:21 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=123.202.70.13 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=60427 DF PROTO=TCP SPT=57127 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0
Jun 5 11:41:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=1.157.101.171 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=7625 DF PROTO=TCP SPT=62527 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 11:41:29 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=1.157.101.171 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=7648 DF PROTO=TCP SPT=62527 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 11:59:05 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.194.6.125 DST=90.211.81.62 LEN=44 TOS=0x00 PREC=0x00 TTL=92 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 12:10:43 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=64997 DF PROTO=TCP SPT=2733 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 12:10:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=65513 DF PROTO=TCP SPT=2733 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 12:10:52 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=1318 DF PROTO=TCP SPT=2733 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 12:17:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=95.132.217.110 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=21709 DF PROTO=TCP SPT=55239 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 12:54:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=206.31.248.10 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=26176 DF PROTO=TCP SPT=37536 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 13:34:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.80.8.99 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=8791 DF PROTO=TCP SPT=54218 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 13:34:53 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.80.8.99 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=8917 DF PROTO=TCP SPT=54218 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 13:34:59 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.80.8.99 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=9122 DF PROTO=TCP SPT=54218 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 14:03:07 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=85.114.137.178 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=60257 PROTO=TCP SPT=19715 DPT=25 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 14:17:31 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=81.25.12.186 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=31317 DF PROTO=TCP SPT=3267 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 14:30:57 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.123.118.162 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=31114 PROTO=TCP SPT=6301 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 15:18:55 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.168.13.130 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=58560 DF PROTO=TCP SPT=55914 DPT=60925 WINDOW=30492 RES=0x00 SYN URGP=0
Jun 5 15:18:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.168.13.130 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=58775 DF PROTO=TCP SPT=55914 DPT=60925 WINDOW=30492 RES=0x00 SYN URGP=0
Jun 5 15:19:04 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.168.13.130 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=59149 DF PROTO=TCP SPT=55914 DPT=60925 WINDOW=30492 RES=0x00 SYN URGP=0
Jun 5 15:23:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=45336 DF PROTO=TCP SPT=3974 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 15:24:01 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=45756 DF PROTO=TCP SPT=3974 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 15:51:27 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=5798 DF PROTO=TCP SPT=55595 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 15:51:30 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=5835 DF PROTO=TCP SPT=55595 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 16:10:25 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.173.26.52 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=101 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 16:28:34 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=178.81.38.132 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=57568 DF PROTO=TCP SPT=59761 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 16:28:35 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=178.81.38.132 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=53741 DF PROTO=TCP SPT=59761 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 17:10:16 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=212.227.55.28 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=22 ID=26437 PROTO=TCP SPT=25 DPT=25 WINDOW=50723 RES=0x00 SYN URGP=50723
Jun 5 17:16:54 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=124.102.56.79 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=6000 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 18:02:48 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.195.186.100 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=26857 PROTO=TCP SPT=8969 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 18:08:29 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.201.255.220 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=123 ID=25117 DF PROTO=TCP SPT=63187 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 18:08:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.201.255.220 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=123 ID=25152 DF PROTO=TCP SPT=63187 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 18:08:38 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.201.255.220 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=25216 DF PROTO=TCP SPT=63187 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:07:34 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.217.213.243 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=11207 DF PROTO=TCP SPT=51385 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:07:37 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.217.213.243 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=11422 DF PROTO=TCP SPT=51385 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:07:43 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.217.213.243 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=11735 DF PROTO=TCP SPT=51385 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:23:13 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=22978 DF PROTO=TCP SPT=2930 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 19:23:16 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=23042 DF PROTO=TCP SPT=2930 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 19:23:22 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=23236 DF PROTO=TCP SPT=2930 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 19:29:51 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=94.31.124.79 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=58402 DF PROTO=TCP SPT=45052 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 19:38:07 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=49.66.225.201 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27552 DF PROTO=TCP SPT=1830 DPT=23 WINDOW=5552 RES=0x00 SYN URGP=0
Jun 5 19:49:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=28947 DF PROTO=TCP SPT=51747 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 20:22:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=6180 DF PROTO=TCP SPT=2636 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 20:22:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=6200 DF PROTO=TCP SPT=2636 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 20:22:37 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=6237 DF PROTO=TCP SPT=2636 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:04:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.194.6.125 DST=90.211.81.62 LEN=44 TOS=0x00 PREC=0x00 TTL=92 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 21:20:51 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.79.8.252 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=18143 DF PROTO=TCP SPT=55580 DPT=27977 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 21:28:09 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=123.127.50.15 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=25576 DF PROTO=TCP SPT=49567 DPT=21 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 5 21:28:12 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=123.127.50.15 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=25577 DF PROTO=TCP SPT=49567 DPT=21 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 5 21:37:51 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=219.91.180.56 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=9496 PROTO=TCP SPT=4935 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:38:08 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=67.23.32.241 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=28237 PROTO=TCP SPT=10372 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:43:55 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=16014 DF PROTO=TCP SPT=4299 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:43:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=16415 DF PROTO=TCP SPT=4299 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 22:11:59 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=16932 DF PROTO=TCP SPT=51807 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:12:02 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=16994 DF PROTO=TCP SPT=51807 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:12:08 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=17121 DF PROTO=TCP SPT=51807 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:42:19 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=194.123.243.155 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=25809 DF PROTO=TCP SPT=63078 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:42:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=194.123.243.155 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=26963 DF PROTO=TCP SPT=63078 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:57:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.173.10.234 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=103 ID=256 PROTO=TCP SPT=6000 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 23:08:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=86.203.109.140 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=41820 DF PROTO=TCP SPT=43107 DPT=60925 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 23:09:01 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=86.203.109.140 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=41821 DF PROTO=TCP SPT=43107 DPT=60925 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 23:17:02 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=46.165.199.49 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=40535 PROTO=TCP SPT=14444 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 23:26:15 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=178.140.254.170 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=30269 DF PROTO=TCP SPT=53197 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 23:31:29 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.115.211.23 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=15141 DF PROTO=TCP SPT=55461 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 23:51:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.195.186.100 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=9344 PROTO=TCP SPT=8969 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:14:36 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=112.94.139.16 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=59466 DF PROTO=TCP SPT=51605 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 6 00:16:17 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=7700 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:16:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=10844 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:16:19 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=4435 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:16:20 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=35431 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:29:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=59708 DF PROTO=TCP SPT=4311 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:37:02 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=74.99.172.133 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=8749 DF PROTO=TCP SPT=59466 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 00:49:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.140.226.79 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=50 ID=13294 DF PROTO=TCP SPT=52982 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 01:03:31 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=98.165.69.146 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=20703 DF PROTO=TCP SPT=54023 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 01:05:53 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=98.165.69.146 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=24215 DF PROTO=TCP SPT=54373 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 02:47:21 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.186.27.7 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=10674 DPT=3389 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 6 02:48:54 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=183.221.248.229 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=20318 PROTO=TCP SPT=32136 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 02:53:24 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=24.68.80.18 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=42734 DF PROTO=TCP SPT=4044 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 02:53:27 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=24.68.80.18 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=43119 DF PROTO=TCP SPT=4044 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 02:53:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=24.68.80.18 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=44272 DF PROTO=TCP SPT=4044 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 03:10:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=35174 DF PROTO=TCP SPT=1627 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 03:10:26 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=38304 DF PROTO=TCP SPT=1627 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 03:51:17 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=221.2.209.46 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=8088 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 6 05:02:14 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=88.134.76.187 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54124 DF PROTO=TCP SPT=18091 DPT=1080 WINDOW=512 RES=0x00 SYN URGP=0
Jun 6 05:06:21 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=58.251.60.228 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=TCP SPT=12200 DPT=9415 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 05:42:30 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=36527 DF PROTO=TCP SPT=4164 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 05:42:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=37151 DF PROTO=TCP SPT=4164 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 05:42:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=38507 DF PROTO=TCP SPT=4164 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 05:46:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=69.64.64.90 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=14442 DF PROTO=TCP SPT=47578 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 6 05:51:53 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=19751 DF PROTO=TCP SPT=64099 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:16:45 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=48412 DF PROTO=TCP SPT=2321 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:16:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=57608 DF PROTO=TCP SPT=2333 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:20:09 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=46.41.129.9 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=37092 PROTO=TCP SPT=62361 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 06:33:59 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.190.112.148 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=49851 PROTO=TCP SPT=64318 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 06:42:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=16810 DF PROTO=TCP SPT=8483 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:42:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=10895 DF PROTO=TCP SPT=8491 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 07:28:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=189.1.162.244 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=59230 PROTO=TCP SPT=15834 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:16:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=1886 DF PROTO=TCP SPT=2812 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:16:36 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=2497 DF PROTO=TCP SPT=2812 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:16:42 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=6574 DF PROTO=TCP SPT=2812 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:31:26 (none) daemon.crit syslog: The user from 192.168.0.2 has logined in.
Win 7 64 Bit
Kasperspy
Then ESET (nod32) + Malware bytes
None showed up the virus, with heuristics on...
Story is:
I have had my Laptop Hacked into, where I saw a number of times, that someone is in a file I was trying to access, and asked me to read only or notify!! ( I was on a wireless connection)
This started back in March. My router had WEP, then I changed it to WPA, and still it happened. (I have now got it on WPA/WPA2-PSK (Mixed Mode, which I believe it the most secure?)
I first noticed it a week before, so I was on the latest Kasperspy, and ran full heuristics scan, which did not bring up any results. So I changed to ESET and MAlware bytes, and did the same. Nothing!!
I changed router settings to WPA. Still I was accessed, even after doing factory reset on Router.. Which obviously defaults the router back to the default SSID and Password.
After I called Sky to sort it out, they had no idea, (and i am changing now to a different carrier this week) but after me closely monitoring it for a week, this led to my password being changed on my Laptop at exactly 14:30.00 on Saturday the 17th 2012., which meant I had no access to the laptop!
I had to get in the back door, via cmd and open up another user to get my laptop back and running.
I have also had my phones bluetooth hacked, until I put on my Blue tooth Firewall, where I and can now see the logs in the firewall of new attempts to access, which now rejects them. (Android phones 2.3.6 and 4.0).
Can anyone help me work out whoor what it is it is?
I have had my HD assessed by the Geek Squad in Oxford Street London who said that a JavaScript file which was undetectable by virus checker. This they found out by doing a 48 hour low level check on the HD from my laptop. They said the JavaScript file enabled a VPN access to it..
I had my phones linked to the laptop by cable during this time of being hacked, and am sure stuff text messages dissapeared on them.. (possible or just me going mad?)
Anyone got any ideas, or A. How to prevent, ie proxy server or something, or possibly get a "honey trap" set up?
Painful as I only want secure stress free connections to the web..
This is a sample of what is happening over the last 2 days in my system logs on my Router.
Jun 5 01:42:36 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=1.58.67.157 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=47 ID=9496 DF PROTO=TCP SPT=43579 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 02:42:16 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.36.100.42 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=47362 PROTO=TCP SPT=39320 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 02:58:04 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=75.44.146.75 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=18573 DF PROTO=TCP SPT=59834 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 02:58:07 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=75.44.146.75 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=18864 DF PROTO=TCP SPT=59834 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 02:58:13 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=75.44.146.75 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=19406 DF PROTO=TCP SPT=59834 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:10:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.108.39.71 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=20223 DF PROTO=TCP SPT=56297 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:10:26 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.108.39.71 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=20350 DF PROTO=TCP SPT=56297 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:10:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.108.39.71 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=20753 DF PROTO=TCP SPT=56297 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 03:32:22 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=202.222.18.88 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1290 DF PROTO=TCP SPT=44313 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 03:32:25 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=202.222.18.88 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=1291 DF PROTO=TCP SPT=44313 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 04:38:35 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.251.150.74 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=49477 PROTO=TCP SPT=35140 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:41:25 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.151.133.56 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=55460 DF PROTO=TCP SPT=47596 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:41:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.151.133.56 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=55650 DF PROTO=TCP SPT=47596 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:49:06 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=183.221.248.228 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=43370 PROTO=TCP SPT=61825 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 04:58:11 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=189.76.166.22 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=51568 DF PROTO=TCP SPT=50842 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 5 05:58:31 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=174.142.39.247 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=107 ID=256 PROTO=TCP SPT=6000 DPT=8081 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 06:22:13 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.79.8.252 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=46582 DF PROTO=TCP SPT=34942 DPT=27977 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 07:33:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=116.231.239.49 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=38565 DF PROTO=TCP SPT=4594 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0
Jun 5 08:13:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=187.174.143.34 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=9496 DF PROTO=TCP SPT=29647 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 08:19:04 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=88.134.76.187 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=32633 DF PROTO=TCP SPT=48296 DPT=1081 WINDOW=512 RES=0x00 SYN URGP=0
Jun 5 08:19:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=219.235.1.182 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=102 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 09:10:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=58.215.172.230 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27850 DF PROTO=TCP SPT=5414 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 09:37:03 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=1389 DF PROTO=TCP SPT=1351 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 09:37:05 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=1815 DF PROTO=TCP SPT=1351 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 09:37:12 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=2935 DF PROTO=TCP SPT=1351 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 10:17:15 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=2966 DF PROTO=TCP SPT=52157 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:17:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=3019 DF PROTO=TCP SPT=52157 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:17:24 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=3189 DF PROTO=TCP SPT=52157 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:19:03 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=5501 DF PROTO=TCP SPT=52557 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:19:06 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=101.114.149.199 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=5581 DF PROTO=TCP SPT=52557 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:49:45 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.186.15.24 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=98 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 10:54:57 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.255.37.179 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=10921 DF PROTO=TCP SPT=53568 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:55:01 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.255.37.179 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=13056 DF PROTO=TCP SPT=53568 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 10:57:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.255.37.179 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=4102 DF PROTO=TCP SPT=53859 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 11:29:21 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=123.202.70.13 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=60427 DF PROTO=TCP SPT=57127 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0
Jun 5 11:41:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=1.157.101.171 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=7625 DF PROTO=TCP SPT=62527 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 11:41:29 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=1.157.101.171 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=7648 DF PROTO=TCP SPT=62527 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 11:59:05 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.194.6.125 DST=90.211.81.62 LEN=44 TOS=0x00 PREC=0x00 TTL=92 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 12:10:43 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=64997 DF PROTO=TCP SPT=2733 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 12:10:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=65513 DF PROTO=TCP SPT=2733 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 12:10:52 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=1318 DF PROTO=TCP SPT=2733 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 12:17:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=95.132.217.110 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=21709 DF PROTO=TCP SPT=55239 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 12:54:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=206.31.248.10 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=26176 DF PROTO=TCP SPT=37536 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 13:34:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.80.8.99 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=8791 DF PROTO=TCP SPT=54218 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 13:34:53 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.80.8.99 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=8917 DF PROTO=TCP SPT=54218 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 13:34:59 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.80.8.99 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=9122 DF PROTO=TCP SPT=54218 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 14:03:07 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=85.114.137.178 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=60257 PROTO=TCP SPT=19715 DPT=25 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 14:17:31 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=81.25.12.186 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=31317 DF PROTO=TCP SPT=3267 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 14:30:57 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=109.123.118.162 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=31114 PROTO=TCP SPT=6301 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 15:18:55 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.168.13.130 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=58560 DF PROTO=TCP SPT=55914 DPT=60925 WINDOW=30492 RES=0x00 SYN URGP=0
Jun 5 15:18:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.168.13.130 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=58775 DF PROTO=TCP SPT=55914 DPT=60925 WINDOW=30492 RES=0x00 SYN URGP=0
Jun 5 15:19:04 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.168.13.130 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=59149 DF PROTO=TCP SPT=55914 DPT=60925 WINDOW=30492 RES=0x00 SYN URGP=0
Jun 5 15:23:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=45336 DF PROTO=TCP SPT=3974 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 15:24:01 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=45756 DF PROTO=TCP SPT=3974 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 15:51:27 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=5798 DF PROTO=TCP SPT=55595 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 15:51:30 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=5835 DF PROTO=TCP SPT=55595 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 16:10:25 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.173.26.52 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=101 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 16:28:34 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=178.81.38.132 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=57568 DF PROTO=TCP SPT=59761 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 16:28:35 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=178.81.38.132 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=53741 DF PROTO=TCP SPT=59761 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 17:10:16 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=212.227.55.28 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=22 ID=26437 PROTO=TCP SPT=25 DPT=25 WINDOW=50723 RES=0x00 SYN URGP=50723
Jun 5 17:16:54 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=124.102.56.79 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=6000 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 18:02:48 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.195.186.100 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=26857 PROTO=TCP SPT=8969 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 18:08:29 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.201.255.220 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=123 ID=25117 DF PROTO=TCP SPT=63187 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 18:08:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.201.255.220 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=123 ID=25152 DF PROTO=TCP SPT=63187 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 18:08:38 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.201.255.220 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=25216 DF PROTO=TCP SPT=63187 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:07:34 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.217.213.243 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=11207 DF PROTO=TCP SPT=51385 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:07:37 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.217.213.243 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=122 ID=11422 DF PROTO=TCP SPT=51385 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:07:43 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.217.213.243 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=11735 DF PROTO=TCP SPT=51385 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 19:23:13 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=22978 DF PROTO=TCP SPT=2930 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 19:23:16 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=23042 DF PROTO=TCP SPT=2930 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 19:23:22 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=23236 DF PROTO=TCP SPT=2930 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 19:29:51 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=94.31.124.79 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=58402 DF PROTO=TCP SPT=45052 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 19:38:07 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=49.66.225.201 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27552 DF PROTO=TCP SPT=1830 DPT=23 WINDOW=5552 RES=0x00 SYN URGP=0
Jun 5 19:49:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=28947 DF PROTO=TCP SPT=51747 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 20:22:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=6180 DF PROTO=TCP SPT=2636 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 20:22:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=6200 DF PROTO=TCP SPT=2636 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 20:22:37 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=82.122.186.192 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=6237 DF PROTO=TCP SPT=2636 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:04:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.194.6.125 DST=90.211.81.62 LEN=44 TOS=0x00 PREC=0x00 TTL=92 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 21:20:51 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.79.8.252 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=18143 DF PROTO=TCP SPT=55580 DPT=27977 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 21:28:09 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=123.127.50.15 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=25576 DF PROTO=TCP SPT=49567 DPT=21 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 5 21:28:12 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=123.127.50.15 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=25577 DF PROTO=TCP SPT=49567 DPT=21 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 5 21:37:51 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=219.91.180.56 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=9496 PROTO=TCP SPT=4935 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:38:08 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=67.23.32.241 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=28237 PROTO=TCP SPT=10372 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:43:55 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=16014 DF PROTO=TCP SPT=4299 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 21:43:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=16415 DF PROTO=TCP SPT=4299 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 22:11:59 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=16932 DF PROTO=TCP SPT=51807 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:12:02 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=16994 DF PROTO=TCP SPT=51807 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:12:08 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=108.233.21.79 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=17121 DF PROTO=TCP SPT=51807 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:42:19 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=194.123.243.155 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=25809 DF PROTO=TCP SPT=63078 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:42:28 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=194.123.243.155 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=26963 DF PROTO=TCP SPT=63078 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 22:57:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.173.10.234 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=103 ID=256 PROTO=TCP SPT=6000 DPT=3306 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 5 23:08:58 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=86.203.109.140 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=41820 DF PROTO=TCP SPT=43107 DPT=60925 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 23:09:01 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=86.203.109.140 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=41821 DF PROTO=TCP SPT=43107 DPT=60925 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 5 23:17:02 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=46.165.199.49 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=122 ID=40535 PROTO=TCP SPT=14444 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 5 23:26:15 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=178.140.254.170 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=30269 DF PROTO=TCP SPT=53197 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 23:31:29 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=200.115.211.23 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=15141 DF PROTO=TCP SPT=55461 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 5 23:51:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.195.186.100 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=9344 PROTO=TCP SPT=8969 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:14:36 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=112.94.139.16 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=59466 DF PROTO=TCP SPT=51605 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 6 00:16:17 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=7700 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:16:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=10844 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:16:19 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=4435 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:16:20 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=70.64.21.198 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=35431 DF PROTO=TCP SPT=54425 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:29:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=118 ID=59708 DF PROTO=TCP SPT=4311 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 00:37:02 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=74.99.172.133 DST=90.211.81.62 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=8749 DF PROTO=TCP SPT=59466 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 00:49:50 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=2.140.226.79 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=50 ID=13294 DF PROTO=TCP SPT=52982 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 01:03:31 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=98.165.69.146 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=20703 DF PROTO=TCP SPT=54023 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 01:05:53 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=98.165.69.146 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=24215 DF PROTO=TCP SPT=54373 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 02:47:21 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=222.186.27.7 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=256 PROTO=TCP SPT=10674 DPT=3389 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 6 02:48:54 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=183.221.248.229 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=20318 PROTO=TCP SPT=32136 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 02:53:24 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=24.68.80.18 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=42734 DF PROTO=TCP SPT=4044 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 02:53:27 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=24.68.80.18 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=43119 DF PROTO=TCP SPT=4044 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 02:53:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=24.68.80.18 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=44272 DF PROTO=TCP SPT=4044 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 03:10:23 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=35174 DF PROTO=TCP SPT=1627 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 03:10:26 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=38304 DF PROTO=TCP SPT=1627 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 03:51:17 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=221.2.209.46 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=8088 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 6 05:02:14 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=88.134.76.187 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54124 DF PROTO=TCP SPT=18091 DPT=1080 WINDOW=512 RES=0x00 SYN URGP=0
Jun 6 05:06:21 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=58.251.60.228 DST=90.211.81.62 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=TCP SPT=12200 DPT=9415 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 05:42:30 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=36527 DF PROTO=TCP SPT=4164 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 05:42:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=37151 DF PROTO=TCP SPT=4164 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 05:42:39 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=38507 DF PROTO=TCP SPT=4164 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 05:46:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=69.64.64.90 DST=90.211.81.62 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=14442 DF PROTO=TCP SPT=47578 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 6 05:51:53 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=19751 DF PROTO=TCP SPT=64099 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:16:45 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=48412 DF PROTO=TCP SPT=2321 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:16:46 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=57608 DF PROTO=TCP SPT=2333 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:20:09 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=46.41.129.9 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=37092 PROTO=TCP SPT=62361 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 06:33:59 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=60.190.112.148 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=49851 PROTO=TCP SPT=64318 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 06:42:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=16810 DF PROTO=TCP SPT=8483 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 06:42:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=173.13.248.140 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=10895 DF PROTO=TCP SPT=8491 DPT=60925 WINDOW=8192 RES=0x00 SYN URGP=0
Jun 6 07:28:32 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=189.1.162.244 DST=90.211.81.62 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=59230 PROTO=TCP SPT=15834 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:16:33 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=1886 DF PROTO=TCP SPT=2812 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:16:36 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=2497 DF PROTO=TCP SPT=2812 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:16:42 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=77.106.224.191 DST=90.211.81.62 LEN=64 TOS=0x00 PREC=0x00 TTL=119 ID=6574 DF PROTO=TCP SPT=2812 DPT=60925 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 6 08:31:26 (none) daemon.crit syslog: The user from 192.168.0.2 has logined in.
23221 Hits