Answers to your tech questions
Computer forums for help with removing malicious software (malware) and improving computer security

Welcome Guest to What the Tech! ( Log In | Register ) We specialize in the removal of malicious software (malware), but here you'll find free help and support for all your tech questions. We invite you to ask questions, share experiences, and learn. Explore our message boards, or register now to post messages of your own. Please Start Here. Register today (registration removes advertising)

 
 Reply to this topicStart new topic
> My D-Link DGL-4500 is blocking something, what is it?, Might I have some sort of bot on my computer?
RamGuy
post Apr 28 2008, 06:32 AM
Post #1


New Member
*

Group: New Member
Posts: 2
Joined: 28-April 08
Member No.: 78,711
Operating System: Windows XP 32bit
Hi, I've noticed that my D-Link DGL-4500 Router has been blocking LOTS of packages.

I was wondering what it's blocking, and why?
Might I have some sort of spyware carp** on my computer spaming out information or something?


Here are parts of the log:

QUOTE
[INFO] Thu Apr 17 04:58:57 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 61.189.175.182
[INFO] Thu Apr 17 04:28:28 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.10.193.252
[INFO] Thu Apr 17 04:25:38 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.5.169.165
[INFO] Thu Apr 17 04:24:43 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 202.97.238.204
[INFO] Thu Apr 17 04:13:06 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 207.46.26.254
[INFO] Thu Apr 17 04:12:49 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.30.37.246
[INFO] Thu Apr 17 04:11:40 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 24.234.136.138
[INFO] Thu Apr 17 04:11:13 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 212.244.116.1
[INFO] Thu Apr 17 04:10:04 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.23.100.207
[INFO] Thu Apr 17 04:09:43 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.25.237.249
[INFO] Thu Apr 17 04:09:40 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.7.81.104
[INFO] Thu Apr 17 04:09:28 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 77.113.118.174
[INFO] Thu Apr 17 04:08:34 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.11.29.96
[INFO] Thu Apr 17 04:08:33 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.19.199.202
[INFO] Thu Apr 17 04:08:32 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 77.180.59.151
[INFO] Thu Apr 17 04:07:05 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 221.208.208.94
[INFO] Thu Apr 17 04:07:01 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.21.204.81
[INFO] Thu Apr 17 04:06:09 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 24.81.188.104
[INFO] Thu Apr 17 04:05:57 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 77.253.64.99
[INFO] Thu Apr 17 04:05:15 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.21.13.238
[INFO] Thu Apr 17 04:04:45 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 82.25.129.79
[INFO] Thu Apr 17 04:04:21 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 77.253.177.157
[INFO] Thu Apr 17 04:04:06 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.158.158.34
[INFO] Thu Apr 17 04:03:59 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.2
[INFO] Thu Apr 17 04:03:57 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.15.123.34
[INFO] Thu Apr 17 04:03:55 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.11.6.12
[INFO] Thu Apr 17 04:03:50 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.9.191.16
[INFO] Thu Apr 17 04:03:47 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.28.214.161
[INFO] Thu Apr 17 04:03:43 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 89.54.48.231
[INFO] Thu Apr 17 04:03:39 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 79.186.63.80
[INFO] Thu Apr 17 04:03:39 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.21.147.44
[INFO] Thu Apr 17 04:03:35 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 90.194.176.21
[INFO] Thu Apr 17 04:03:32 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.23.248.67
[INFO] Thu Apr 17 04:03:27 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 66.115.128.202
[INFO] Thu Apr 17 04:03:20 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 196.206.208.240
[INFO] Thu Apr 17 04:03:15 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.105
[INFO] Thu Apr 17 04:03:14 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 216.130.185.84
[INFO] Thu Apr 17 04:03:13 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 90.206.10.243
[INFO] Thu Apr 17 04:02:57 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.145
[INFO] Thu Apr 17 04:02:49 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.25.133.163
[INFO] Thu Apr 17 04:02:43 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.62
[INFO] Thu Apr 17 04:02:41 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 84.136.114.226
[INFO] Thu Apr 17 04:02:40 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 89.78.165.101
[INFO] Thu Apr 17 04:02:35 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.25.179.75
[INFO] Thu Apr 17 04:02:30 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 70.231.251.232
[INFO] Thu Apr 17 04:02:26 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 91.193.96.230
[INFO] Thu Apr 17 04:02:25 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 64.216.47.190
[INFO] Thu Apr 17 04:02:24 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 77.112.5.87
[INFO] Thu Apr 17 04:02:20 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 84.60.168.170
[INFO] Thu Apr 17 04:02:19 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 79.173.30.248
[INFO] Thu Apr 17 04:02:18 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.173
[INFO] Thu Apr 17 04:02:09 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.88
[INFO] Thu Apr 17 04:02:09 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.49
[INFO] Thu Apr 17 04:02:08 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 88.156.236.130
[INFO] Thu Apr 17 04:02:07 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 82.170.163.14
[INFO] Thu Apr 17 04:02:07 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 90.132.72.17
[INFO] Thu Apr 17 04:02:07 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 85.166.207.57
[INFO] Thu Apr 17 04:02:06 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.142.174.159
[INFO] Thu Apr 17 04:02:05 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 216.240.134.122
[INFO] Thu Apr 17 04:02:05 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 74.229.70.4
[INFO] Thu Apr 17 04:02:03 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 79.185.58.166
[INFO] Thu Apr 17 04:02:01 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 90.228.245.70
[INFO] Thu Apr 17 04:02:01 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 87.244.194.121
[INFO] Thu Apr 17 04:01:59 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.181
[INFO] Thu Apr 17 04:01:55 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.40
[INFO] Thu Apr 17 04:01:52 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.30.107.231
[INFO] Thu Apr 17 04:01:51 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 82.160.116.1
[INFO] Thu Apr 17 04:01:49 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 80.48.144.41
[INFO] Thu Apr 17 04:01:47 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.52
[INFO] Thu Apr 17 04:01:47 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 213.136.230.146
[INFO] Thu Apr 17 04:01:47 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 78.42.121.252
[INFO] Thu Apr 17 04:01:46 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.88
[INFO] Thu Apr 17 04:01:46 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 78.88.83.147
[INFO] Thu Apr 17 04:01:45 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 82.160.43.3
[INFO] Thu Apr 17 04:01:45 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.109
[INFO] Thu Apr 17 04:01:44 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 88.199.92.2
[INFO] Thu Apr 17 04:01:44 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 201.51.70.164
[INFO] Thu Apr 17 04:01:44 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.21.62.67
[INFO] Thu Apr 17 04:01:44 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 88.240.114.24
[INFO] Thu Apr 17 04:01:43 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.4.167.149
[INFO] Thu Apr 17 04:01:41 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.155
[INFO] Thu Apr 17 04:01:36 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 82.41.80.97
[INFO] Thu Apr 17 04:01:33 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.23.177.27
[INFO] Thu Apr 17 04:01:29 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.148
[INFO] Thu Apr 17 04:01:29 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.111
[INFO] Thu Apr 17 04:01:29 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 87.1.66.12
[INFO] Thu Apr 17 04:01:29 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.21.140.40
[INFO] Thu Apr 17 04:01:22 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 79.184.11.9
[INFO] Thu Apr 17 04:01:21 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.28.228.252
[INFO] Thu Apr 17 04:01:21 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 92.237.13.9
[INFO] Thu Apr 17 04:01:21 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.50
[INFO] Thu Apr 17 04:01:21 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 217.236.76.94
[INFO] Thu Apr 17 04:01:21 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 77.253.176.135
[INFO] Thu Apr 17 04:01:20 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.21.57.79
[INFO] Thu Apr 17 04:01:20 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 82.134.173.96
[INFO] Thu Apr 17 04:01:20 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 74.193.9.114
[INFO] Thu Apr 17 04:01:19 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 89.243.83.252
[INFO] Thu Apr 17 04:01:05 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.174
[INFO] Thu Apr 17 04:01:04 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 77.253.149.239
[INFO] Thu Apr 17 04:01:03 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 144.138.154.107
[INFO] Thu Apr 17 04:01:03 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.10.185.30
[INFO] Thu Apr 17 04:01:02 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 78.16.238.68
[INFO] Thu Apr 17 04:01:02 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 69.85.242.115
[INFO] Thu Apr 17 04:01:02 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.10.112.170
[INFO] Thu Apr 17 04:00:58 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 217.96.119.221
[INFO] Thu Apr 17 04:00:58 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 83.11.206.27
[INFO] Thu Apr 17 04:00:58 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 87.207.207.240
[INFO] Thu Apr 17 04:00:58 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 90.35.215.212
[INFO] Thu Apr 17 04:00:57 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 217.159.161.116
[INFO] Thu Apr 17 04:00:56 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 87.17.199.25
[INFO] Thu Apr 17 04:00:55 2008 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.1.149 to 67.162.100.197

and

[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61577 to 137.165.4.96:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61549 to 207.46.19.190:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61555 to 193.213.121.80:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61556 to 193.213.121.80:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61559 to 207.46.19.190:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61561 to 207.46.19.190:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61541 to 193.213.121.91:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61537 to 207.46.19.190:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61557 to 193.213.121.80:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61554 to 193.213.121.80:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61543 to 207.46.19.190:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61539 to 207.46.19.190:80 as FIN:ACK received but there is no active connection
[INFO] Wed Apr 16 13:08:43 2008 Blocked outgoing TCP packet from 192.168.1.149:61545 to 207.46.19.190:80 as FIN:ACK received but there is no active connection



As you might see from my log, I've got lots of ICMP Packet's blocked.. And that's just like 4% of my log, it continues for ages..
What does that mean? And why does this occur?

Also my IP-address is DMZ-hosted
Go to the top of the page
 
+Quote Post
paws
post Apr 28 2008, 12:06 PM
Post #2


SuperMember
Group Icon

Group: Tech Team
Posts: 1,857
Joined: 11-November 04
From: Lat' 51N, Long' not much East or West, (UK)
Member No.: 18,221
Operating System: Win XP (Pro & Home) Win 2000, Linux



Hi,
I see you have posted this, in in the following: places
http://forums.spywareinfo.com/index.php?sh...mp;#entry633772

http://forums.whatthetech.com/My_D_Link_DG...366#entry457366
as well as here.

Here is a "look up" of the first IP address on your list that may help you in researching this issue.
https://isc.sans.org/ipinfo.html?ip=061.189.175.182
This is from the Internet Storm Centre.
Regards
paws
Go to the top of the page
 
+Quote Post
« Next Oldest · Networking · Next Newest »
 

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 
RSS Time is now: 1st December 2008 - 09:02 PM
Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy
Powered By IP.Board © 2008  IPS, Inc.