Few hours short of noon today, I dialed in and got an IP from my ISP’s DHCP server. Before I could open up a terminal and execute fetchmail to fetch my e-mails, I noticed the two red lights on my modem blinking red and green. They were blinking fast. Seeing as nothing on the system had initiated any sort of connections, I suspected something was amiss. Frantically, I ran snort in IDS mode in one terminal, constantly monitoring the alerts file for any notifications, started tethereal in another terminal, and called up EtheRape to generate a dynamic, grahical model of network traffic my box was seeing.

I was shocked. More than hundred IPs were hitting me on port 6881. A quick grok of the /etc/nmap-services file against the port number 6881 turned nil. However, searching across Google, I found out port 6881 used by Bittorrent.

I captured a snapshot of one of my screens which was running the packet logging and network monitoring tools I just mentioned: wtf.png


One thought on “Packeted!

  1. I was recently packeted to death, by a guy in a ventrilo server I was admin of, and he had a higher admin then me, and because I was keeping him muted cause we were making anouncements, me and other admins, he decided to be a jerk and packet me, he killed my internet within 2 minutes.
    Where can I get a packet logger?
    And how can I counter it, or just intercept it?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s