El año pasado descubri que estaban usando un router abierto en una entidad de singapore, para atacar mi web y mi equipo (opteniendo la ip desde mis post en la web).
Estan escaneando mis puertos:
Adjunto netstat -n
TCP 192.168.1.1:57306 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57307 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57308 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57309 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57310 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57311 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57312 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57313 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57314 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57315 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57316 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57317 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57320 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57321 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57322 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57323 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57324 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57325 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57326 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57327 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57328 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57329 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57330 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57331 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57334 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57335 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57336 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57337 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57338 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57339 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57340 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57345 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57346 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57347 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57348 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57349 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57350 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57351 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57352 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57353 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57354 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57355 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57356 38.113.165.77:443 TIME_WAIT
TCP 192.168.1.1:57357 38.113.165.77:443 TIME_WAIT
Las ip reales:
http://ipinfodb.com/ip_locator.php?ip=117.79.92.35
220.181.108.139
220.181.108.95
220.181.108.94
220.181.108.173
220.181.108.176
220.181.108.169 etc
que se supone que quieren lograr? jejejeje, ya de por si me tiene jarto las miles de peticiones diarias desde Beijing y Singapore que se generan, no se por que aya los tecnicos tienen que dejar los benditos routers de las empresas con las contraseñas por defecto :S les informe del problema y ni se molestaron en solucionarlo, no se que buscan esos orientales por aca