IP's in gates

[mercury71]

i have ip's being logged in the following gates

Selgate says this -
[13:06:01] ???¨²??¨¢??¨®1£¤?¡Â: 86.8.96.80
[14:09:24] ???¨²??¨¢??¨®1£¤?¡Â: 86.8.96.80

And Rungate this -
10:43:20] ¨¬?3y¨¢??¨®: IP(202.143.120.98),D??¡é¨ºy¨¢?(22),¨ºy?Y¡ã¨¹3¡è?¨¨(536)
[11:00:06] ¨¬?3y¨¢??¨®: IP(202.143.120.98),D??¡é¨ºy¨¢?(16),¨ºy?Y¡ã¨¹3¡è?¨¨(315)
[11:02:03] ¨¬?3y¨¢??¨®: IP(202.143.120.98),D??¡é¨ºy¨¢?(17),¨ºy?Y¡ã¨¹3¡è?¨¨(324)

is it anything tp panic about and if it is how do you stop it

 

[Demonic]

Post the results in Chinese not ASCII - then maybe I can tell you what it says...

 

[mapadale]

i have ip's being logged in the following gates

Selgate says this -
[13:06:01] ???¨²??¨¢??¨®1£¤?¡Â: 86.8.96.80
[14:09:24] ???¨²??¨¢??¨®1£¤?¡Â: 86.8.96.80

And Rungate this -
10:43:20] ¨¬?3y¨¢??¨®: IP(202.143.120.98),D??¡é¨ºy¨¢?(22),¨ºy?Y¡ã¨¹3¡è?¨¨(536)
[11:00:06] ¨¬?3y¨¢??¨®: IP( 202.143.120.98 ),D??¡é¨ºy¨¢?(16),¨ºy?Y¡ã¨¹3¡è?¨¨(315)
[11:02:03] ¨¬?3y¨¢??¨®: IP(202.143.120.98),D??¡é¨ºy¨¢?(17),¨ºy?Y¡ã¨¹3¡è?¨¨(324)

is it anything tp panic about and if it is how do you stop it

86.8.96.80 traced to: cpc1-linc3-0-0-cust79.nott.cable.ntl.com
202.143.120.98 traced to: dynamic-ip.cmodem.connect2b.net
189.47.52.61 traced to: 189-47-52-61.dsl.telesp.net.br

Now all you need to do is check you DB and see if ether of them match any in your DB and if they cross match any other account - If not then you have yourself a problem.

But as with the selgate, rungate and logingate they all record multiple IP logins - This means when someone is pinging the IP to that gate port or its being multi pinged. I'll leave you to figure which one it is, but it could just be somthing innocent.

 

[mercury71]

[13:06:01] ¶ë¿ú¿õᬽ󹥻÷: 86.8.96.80
[14:09:24] ¶ë¿ú¿õᬽ󹥻÷: 86.8.96.80
[14:58:31] ¶ë¿ú¿õᬽ󹥻÷: 189.47.52.61
[15:02:12] ¶ë¿ú¿õᬽ󹥻÷: 189.47.52.61

10:43:20] ìß³ýᬽó: Ip(202.143.120.98),ðåï¢êýá¿(22),êý¾ý°ü³¤¶è(536)
[11:00:06] ìß³ýᬽó: Ip(202.143.120.98),ðåï¢êýá¿(16),êý¾ý°ü³¤¶è(315)
[11:02:03] ìß³ýᬽó: Ip(202.143.120.98),ðåï¢êýá¿(17),êý¾ý°ü³¤¶è(324)

 

[mapadale]

Just to prove not all of us are idiots, heres the ASCII to Chinnese translation and then to english.

[13:06:01] 峨窥旷岈襟攻击: 86.8.96.80
[ 13:06:01 ] 峨 □□岈 the lapel attacks □: 86.8.96.80

The first section means your being DDosed on the selgate.

[11:00:06] 爝除岈襟: Ip(202.143.120.98),疱铫挲峥(16),挲君包长惰(315)[ 11:00:06 ] 爝 eliminates 岈 the lapel: Ip (202.143.120.98), □□挲 □(16), 挲 Mr. Bao?to (315)

Both sets of imforamtion tells me your being pinged at a high rate m8.

@Demonic at least some of us know where to translate ASCII to chinnese, this would have helped the user in the first instance.

 

[mercury71]

ok ty for ur help how do u prevent it or stop it pls

 

[mapadale]

ok ty for ur help how do u prevent it or stop it pls

Best way to stop it is buy changing the ports that it uses - But this means changing the ports right accross the board.
Another way is to check your router and see if it has the option for blocking DDos, most tend to have this option and is good to use as it bounces back the threat as timed out.

 

[mercury71]

might be bringing this server back online BUT need hl pwith ipcop >< its a pain im trying to connect a virgin modem to it and DOH i must be thick cos its double dutch to me can ne 1 hlp pls