Jump to content

Firewall Attacks :(


Recommended Posts

Hi, it's seemed to start happening when I upgraded from uTorrent 1.5 to 1.6...

I'm now getting hit with wave after wave of "IP Spoof Attack", "Tiny Fragment Attack" and "TCP Sync Flooding"..

These also stop me from browsing...

The following are some examples of each attack..

[iP Spoof Attack] WAN-LAN SrcIP: DstIP: 60.241.119.* Protocol: 255 SrcPort: 0 DstPort: 0

[Tiny Fragment Attack] WAN-LAN SrcIP: DstIP: 60.241.119.* Proto: 255 SrcPort: 0 DstPort: 0

[TCP Sync Flooding] WAN-LAN SrcIP: DstIP: 60.241.119.* Proto: 6 SrcPort: 53144 DstPort: 1027

Any idea how to stop this from happening??

My router supports UPnP, so that's hwo I've setup uTorrent.. it picks a random port everytime it opens..

Link to comment
Share on other sites

That probably won't "solve" the problem with the firewall seeing problems where there probably isn't.

If you disabled DHT all-around and DIDN'T forward UDP on µTorrent's port that might reduce it...but even still you'd probably get a few packets that'd cause that hardware firewall a hissy.

Link to comment
Share on other sites

That doesn't explain why I've had the same setup for over 18 month problem free...

It's only been happening for the last 2 weeks... I don't think it's my router/modem.. I think they're real attacks.

My dynamic IP has changed just then when I rebooted the modem, so hopefully it will stop..

Will run everything as normal with uTorrent closed for 24hr, then open it..

Link to comment
Share on other sites

Have the same problem it came when i upgraded from 1.5 to 1.6

21:16:51 IP Spoofing 00-90-D0-F4-FE-F8

21:16:22 IP Spoofing 00-90-D0-F4-FE-F8

21:16:09 IP Spoofing 00-90-D0-F4-FE-F8

21:15:15 IP Spoofing 00-90-D0-F4-FE-F8

21:14:25 IP Spoofing 00-90-D0-F4-FE-F8

outpost firewall

win xp pro

utorrent 1.6 build 474

Link to comment
Share on other sites

Changing my IP has stopped the attacks.... For now........

Like I thought, they were either uTorrent directly or indirectly..

If it wan't uTorrent, it was the attention Torrents attracts.

Slim, some of my attacks where coming from the IP of my desktop, even when it was turned off..

FYI, uTorrents is running on it's own Win2003 server. And I use fixed IPs.

Link to comment
Share on other sites

I've heard there was a rare loopback issue for people behind a router where the tracker reports their own LAN ip (or their router's LAN ip) as a source to them. I thought that was fixed. I've heard everything from faulty software firewalls to bad hardware routers is the probable cause.

Antivirus software only finds viruses, search for the REST of the maleware using these programs:


SpyBot Seek and Destroy

Ad Aware

(in order of best to worst :P)

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...