Decipher this security log?

yellowfungus · Post by **yellowfungus** » Tue Nov 12, 2002 2:23 am

What are the entries in bold, and is it anything to worry about? 192.168.2.101 is my roommate's computer, this is the security log of a SMC router on a @home cable service.

11/12/2002 02:18:27 192.168.2.100 login success
11/12/2002 00:39:20 NTP Date/Time updated
11/12/2002 00:38:50 Begin to query NTP
11/11/2002 22:39:20 NTP Date/Time updated
11/11/2002 22:38:51 Begin to query NTP
11/11/2002 20:39:21 NTP Date/Time updated
11/11/2002 20:38:51 Begin to query NTP
11/11/2002 18:39:33 **SYN Flood to Host** 192.168.2.101, 1479->> 207.25.71.252, 80
11/11/2002 18:39:21 NTP Date/Time updated
11/11/2002 18:38:51 Begin to query NTP
11/11/2002 18:37:38 **SYN Flood to Host** 192.168.2.101, 1348->> 207.25.71.241, 80
11/11/2002 16:39:21 NTP Date/Time updated
11/11/2002 16:38:52 Begin to query NTP
11/11/2002 14:39:22 NTP Date/Time updated
11/11/2002 14:38:52 Begin to query NTP
11/11/2002 13:03:57 **SYN Flood to Host** 192.168.2.101, 1198->> 209.52.147.18, 80

Thanks guys

Kalrog · Post by **Kalrog** » Tue Nov 12, 2002 12:04 pm

If I had to guess... I would say someone tried a DoS attack on you.

*awaits the real answer*