OT. Microsoft sending DoS udp_floods

  • Thread starter: gargoyle60

gargoyle60

I monitor my home network using Wireshark and some bespoke programs, which have indicated some
potential intrusion attacks (I have used ? to hide sensitive details)...

Frame 1756: 159 bytes on wire Apr 19, 2014 15:06:07 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:04:05 Apr 19 15:04:05 homepc.router: DoS
udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 87

Frame 3370: 160 bytes on wire Apr 19, 2014 15:06:23 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:04:21 Apr 19 15:04:21 homepc.router: DoS
udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 146

Frame 5106: 159 bytes on wire Apr 19, 2014 15:08:01 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:05:58 Apr 19 15:05:58 homepc.router: DoS
udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 54

Frame 6482: 160 bytes on wire Apr 19, 2014 15:08:27 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:06:25 Apr 19 15:06:25 homepc.router: DoS
udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 122


According to xxxxxxxx
134.170.97.39 shows as Microsoft Corporation, USA
65.54.247.101 shows as Microsoft Corporation, USA

so why is Microsoft Corporation sending DoS udp_flood on port 7190 all of a sudden?
I haven't seen these attacks from Microsoft before.
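
An added example, not part of the original thread and not the poster's own programs: a Python parser for the router's `DoS udp_flood` syslog lines quoted above, grouping block events by source address and port pair. The field names, and the reading of the two numbers after `len` as IP header length and total packet length, are assumptions; the year comes from the Wireshark frame headers.

```python
import re
from collections import defaultdict
from datetime import datetime

# Syslog payloads copied from the post above, re-joined onto one line each.
# The destination address stays redacted exactly as the poster wrote it.
SAMPLE = """\
LOCAL0.INFO: Apr 19 15:04:05 Apr 19 15:04:05 homepc.router: DoS udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 87
LOCAL0.INFO: Apr 19 15:04:21 Apr 19 15:04:21 homepc.router: DoS udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 146
LOCAL0.INFO: Apr 19 15:05:58 Apr 19 15:05:58 homepc.router: DoS udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 54
LOCAL0.INFO: Apr 19 15:06:25 Apr 19 15:06:25 homepc.router: DoS udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 122
"""

# The timestamp appears twice in each payload; search() locks onto the copy
# that is directly followed by "<host>: DoS". '?' is allowed in the destination.
LINE = re.compile(
    r"(?P<ts>[A-Z][a-z]{2} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+): DoS (?P<kind>\w+) "
    r"Block\((?P<block>\d+)s\) (?P<src>[\d.]+),(?P<sport>\d+) -> "
    r"(?P<dst>[\d.?]+),(?P<dport>\d+) PR (?P<proto>\w+) len (?P<hlen>\d+) (?P<plen>\d+)"
)

def parse(text, year=2014):
    """Return one dict per router DoS block line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        e = m.groupdict()
        e["ts"] = datetime.strptime(f"{year} {e['ts']}", "%Y %b %d %H:%M:%S")
        for key in ("block", "sport", "dport", "hlen", "plen"):
            e[key] = int(e[key])
        events.append(e)
    return events

def summarize(events):
    """Group by (source IP, source port, destination port)."""
    groups = defaultdict(list)
    for e in events:
        groups[(e["src"], e["sport"], e["dport"])].append(e)
    summary = {}
    for key, evs in groups.items():
        times = sorted(e["ts"] for e in evs)
        summary[key] = {
            "blocks": len(evs),                                   # block events logged
            "span_s": int((times[-1] - times[0]).total_seconds()),  # first to last
            "max_len": max(e["plen"] for e in evs),               # largest logged length
        }
    return summary
```
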
 
In gargoyle60
so why is Microsoft Corporation sending DoS udp_flood on port 7190 all
of a sudden? I haven't seen these attacks from Microsoft before.

Comment: To report suspected security issues specific to
traffic emanating from Microsoft online services, including the
distribution of malicious content or other illicit or illegal
material through a Microsoft online service, please submit
reports to:

Comment: * https://cert.microsoft.com.
 
I monitor my home network using Wireshark and some bespoke programs, which have indicated some
potential intrusion attacks (I have used ? to hide sensitive details)...

Frame 1756: 159 bytes on wire Apr 19, 2014 15:06:07 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:04:05 Apr 19 15:04:05 homepc.router: DoS
udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 87

That is the result of sending Ether eggs via email. They tend to get
stuck in the plug connectors of ethernet cables. Once the Microsoft
Ether bunny is done laying ether eggs, he will unclog any stuck Ether
eggs in the cables.

Happy Ether !!!!
 