OT. Microsoft sending DoS udp_floods

gargoyle60

I monitor my home network using Wireshark and some bespoke programs, which have indicated some
potential intrusion attacks (I have used ? to hide sensitive details)...

Frame 1756: 159 bytes on wire Apr 19, 2014 15:06:07 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:04:05 Apr 19 15:04:05 homepc.router: DoS
udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 87

Frame 3370: 160 bytes on wire Apr 19, 2014 15:06:23 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:04:21 Apr 19 15:04:21 homepc.router: DoS
udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 146

Frame 5106: 159 bytes on wire Apr 19, 2014 15:08:01 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:05:58 Apr 19 15:05:58 homepc.router: DoS
udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 54

Frame 6482: 160 bytes on wire Apr 19, 2014 15:08:27 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:06:25 Apr 19 15:06:25 homepc.router: DoS
udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 122


According to xxxxxxxx
134.170.97.39 shows as Microsoft Corporation, USA
65.54.247.101 shows as Microsoft Corporation, USA

so why is Microsoft Corporation sending DoS udp_flood on port 7190 all of a sudden?
I haven't seen these attacks from Microsoft before.
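A way to triage router messages like the ones in the post above, as an added example that is not part of the original thread: it parses each `DoS udp_flood Block(...)` message and summarizes the blocked traffic per source address and destination port. It assumes each message is on one line with the Wireshark frame wrapper removed, that the year is 2014 as in the capture, and that the two numbers after `len` are IP header length and packet length (ipmon-style); the function names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

# Router syslog messages from the post above, with the Wireshark frame
# wrapper removed; the destination address stays redacted as posted.
SAMPLE = """\
Apr 19 15:04:05 homepc.router: DoS udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 87
Apr 19 15:04:21 homepc.router: DoS udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 146
Apr 19 15:05:58 homepc.router: DoS udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 54
Apr 19 15:06:25 homepc.router: DoS udp_flood Block(10s) 65.54.247.101,2005 -> ???.???.??.??,7190 PR udp len 20 122
"""

# hlen/plen: assumed to be IP header length and packet length (ipmon-style)
LINE = re.compile(
    r"(?P<ts>[A-Z][a-z]{2} +\d+ \d\d:\d\d:\d\d) \S+ DoS (?P<rule>\w+) "
    r"Block\((?P<block>\d+)s\) (?P<src>[\d.]+),(?P<sport>\d+) -> "
    r"(?P<dst>\S+),(?P<dport>\d+) PR (?P<proto>\w+) len (?P<hlen>\d+) (?P<plen>\d+)"
)

def parse(text, year=2014):
    """Yield one dict per router DoS message found in text."""
    for m in LINE.finditer(text):
        e = m.groupdict()
        # syslog timestamps carry no year; it is supplied by the caller
        e["ts"] = datetime.strptime(f"{year} {e['ts']}", "%Y %b %d %H:%M:%S")
        for k in ("block", "sport", "dport", "hlen", "plen"):
            e[k] = int(e[k])
        yield e

def summarize(events):
    """Group blocked events by (source IP, destination port)."""
    groups = defaultdict(list)
    for e in events:
        groups[(e["src"], e["dport"])].append(e)
    out = {}
    for key, evs in groups.items():
        evs.sort(key=lambda e: e["ts"])
        out[key] = {
            "count": len(evs),
            "span_s": int((evs[-1]["ts"] - evs[0]["ts"]).total_seconds()),
            "bytes": sum(e["plen"] for e in evs),
            "sports": sorted({e["sport"] for e in evs}),
        }
    return out

if __name__ == "__main__":
    for (src, dport), s in summarize(parse(SAMPLE)).items():
        print(f"{src} -> port {dport}: {s}")
```

A fixed source port and a single destination port per sender, as this summary shows for the posted messages, is the kind of pattern worth comparing against the applications running on the LAN host before treating the traffic as hostile.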
 
Bert

In gargoyle60
so why is Microsoft Corporation sending DoS udp_flood on port 7190 all
of a sudden? I haven't seen these attacks from Microsoft before.

Comment: To report suspected security issues specific to
traffic emanating from Microsoft online services, including the
distribution of malicious content or other illicit or illegal
material through a Microsoft online service, please submit
reports to:

Comment: * https://cert.microsoft.com.
 
casey.o

I monitor my home network using Wireshark and some bespoke programs, which have indicated some
potential intrusion attacks (I have used ? to hide sensitive details)...

Frame 1756: 159 bytes on wire Apr 19, 2014 15:06:07 Src: 192.168.1.??? (192.168.1.???), Dst:
192.168.1.62 (192.168.1.62) LOCAL0.INFO: Apr 19 15:04:05 Apr 19 15:04:05 homepc.router: DoS
udp_flood Block(10s) 134.170.97.39,2006 -> ???.???.??.??,7190 PR udp len 20 87

That is the result of sending Ether eggs via email. They tend to get
stuck in the plug connectors of ethernet cables. Once the Microsoft
Ether bunny is done laying ether eggs, he will unclog any stuck Ether
eggs in the cables.

Happy Ether !!!!
 
