Buenas chicos. En casa tenemos ADSL de Vodafone, al router hay conectados siempre entre 4 y 8 equipos (Windows, Linux, Móviles mi MacMini y mi MacBook). El problema viene siempre por el MacBook, que tiene asignada la IP local 192.168.1.192, siempre fija.
El MacBook tiene instalada la última versión de Snow Leopard con todas las actualizaciones, y que yo sepa ningún malware ni cosa parecida (el MacMini tiene Lion).
En el firewall del router aparecen continuamente estos mensajes:
Registro del firewall
Nov 1 22:09:18 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:10:22 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:10:22 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:10:22 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:10:22 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:10:22 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:54 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:54 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:54 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:54 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:54 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:55 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:55 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:55 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:55 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:43:55 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:00 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:04 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:12 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:28 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:28 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:28 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:49 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:49 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:49 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:44:49 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:45:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:45:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:45:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:45:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 1 22:45:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:32:22 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 00:55:44 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:44 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:44 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:44 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:44 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:55:50 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:01 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:01 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:09 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:09 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:41 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:41 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:41 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:41 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:56:41 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:57:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:57:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:57:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:57:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 00:57:45 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 01:06:08 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 01:13:53 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 01:52:06 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 02:14:10 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 02:26:57 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 02:39:58 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:39:58 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:39:58 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:39:58 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:39:58 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:00 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:00 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:00 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:00 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:00 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:03 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:13 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:13 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:21 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:40:53 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:41:57 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:41:57 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:41:57 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:41:57 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:41:57 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 02:59:49 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 03:31:21 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 03:40:27 kernel: [fwlog] Udp bomb attack, SRC=218.76.138.156 DST=Mi IP.
Nov 2 08:05:37 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:37 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:37 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:37 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:37 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:38 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:38 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:38 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:38 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:38 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:43 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:47 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:05:55 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:06:11 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:06:11 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:06:11 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:06:31 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:06:31 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:06:31 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:06:31 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:07:35 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:07:35 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:07:35 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:07:35 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Nov 2 08:07:35 kernel: [fwlog] Udp bomb attack, SRC=192.168.1.192 DST=224.0.0.251.
Si miro la IP de destino con un WhoIs me sale lo siguiente:
NetRange: 224.0.0.0 - 239.255.255.255
CIDR: 224.0.0.0/4
OriginAS:
NetName: MCAST-NET
NetHandle: NET-224-0-0-0-1
Parent:
NetType: IANA Special Use
Comment: This block is reserved for special purposes.
Comment: Please see RFC 3171 for additional information.
RegDate: 1991-05-22
Updated: 2002-09-16
Ref: whois.arin.net/rest/net/NET-224-0-0-0-1
OrgName: Internet Assigned Numbers Authority
OrgId: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US
RegDate:
Updated: 2004-02-24
Ref: whois.arin.net/rest/org/IANA
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: [img]http://source.domaintools.com/email.pgif?md5=d59b06fd74e3776b65830fddb7c108c1&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
OrgTechRef: whois.arin.net/rest/poc/IANA-IP-ARIN
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: [img]http://source.domaintools.com/email.pgif?md5=d59b06fd74e3776b65830fddb7c108c1&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
OrgAbuseRef: whois.arin.net/rest/poc/IANA-IP-ARIN
En cambio en las que atacan mi IP (que es fija) me sale ésto si hago un Whois:
inetnum: 218.76.128.0 - 218.76.143.255
netname: CHINANET-HN-LD
country: CN
descr: CHINANET-HN LouDi node network
descr: hunan Telecom
admin-c: CHL26-AP
tech-c: CH636-AP
status: ALLOCATED NON-PORTABLE
changed: [img]http://source.domaintools.com/email.pgif?md5=9e22ba52ff38904d4a301ade0817949a&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img] 20050914
mnt-by: MAINT-CHINANET-HN
mnt-lower: MAINT-CHINANET-HN-LD
source: APNIC
role: CHINANET HuNan LouDi
address: No.26 ChangQing middle street Loudi,Hunanan 417000
country: CN
phone: +86 738 8228833
fax-no: +86 738 8227079
e-mail: [img]http://source.domaintools.com/email.pgif?md5=a8904269b452e1898d5eb91eb03fa711&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
trouble: send spam reports to [img]http://source.domaintools.com/email.pgif?md5=87a65d73f426e9dd991426e1310e992a&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
trouble: and abuse reports to [img]http://source.domaintools.com/email.pgif?md5=a8904269b452e1898d5eb91eb03fa711&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
trouble: Please include detailed information and
trouble: times in UTC
admin-c: LD228-AP
tech-c: LD228-AP
nic-hdl: CHL26-AP
mnt-by: MAINT-CHINANET-HN-LD
changed: [img]http://source.domaintools.com/email.pgif?md5=9e22ba52ff38904d4a301ade0817949a&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img] 20050818
source: APNIC
role: CHINANET HUNAN
address: No.1 TuanJie road,ChangSha,Hunan 410005
country: CN
phone: +86 731 4792092
fax-no: +86 731 4792007
e-mail: [img]http://source.domaintools.com/email.pgif?md5=9dcf390d91257ebde53485ead88ac619&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
trouble: send spam reports to [img]http://source.domaintools.com/email.pgif?md5=5de7878266722ce606ba5218d51e85b7&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
trouble: and abuse reports to [img]http://source.domaintools.com/email.pgif?md5=9dcf390d91257ebde53485ead88ac619&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img]
trouble: Please include detailed information and
trouble: times in UTC
admin-c: CH632-AP
tech-c: CS499-AP
nic-hdl: CH636-AP
mnt-by: MAINT-CHINANET-HN
changed: [img]http://source.domaintools.com/email.pgif?md5=9e22ba52ff38904d4a301ade0817949a&face=arial&size=9&color=000000&bgcolor=FFFFFF&face=arial&size=9&color=0000FF&bgcolor=FFFFFF&format[]=underline&format[]=transparent&format[]=transparent[/img] 20050816
source: APNIC
Y estoy atascado, de aquí no soy capaz de pasar. Un poco de ayuda, please!