Slow Internet IP Flooding

Essohara · 2021-01-21T10:05:04+00:00

Sunrise community - customers help other customers with topics related to television, Internet, telephone and mobile. Register now!

Essohara

Hello,
I would like to report a technical issue with my Internet connection.. I ahve noticed that my Internet connection is very slow (high Latency) and my TV channels are frequently buffering. On 20th Janurary my Gigabox charhed and restarted twice.

I connected to my router on 192.168.0.1 and found the following:

The connection to my router on 192.168.0.1 is very slow.
The network status shows a lot of IP FLOOD notifications>

20-01-2021 18:54:04
notice
IP Flood - SRC=91.232.30.119 MAC=00:17:10:8E:19:0A;CM-MAC=34:2c:c4:60:2e:18;CMTS-MAC=00:17:10:8e:19:0a;CM-QOS=1.1;CM-VER=3.0;

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the “-B” flag.

% Information related to ‘91.232.28.0 - 91.232.31.255’

% Abuse contact for ‘91.232.28.0 - 91.232.31.255’ is ‘abuse@omnilance.com’

inetnum: 91.232.28.0 - 91.232.31.255
netname: ORG-FPA22-RIPE
country: UA
org: ORG-FPA22-RIPE
admin-c: PRO-RIPE
tech-c: PRO-RIPE
status: ASSIGNED PI
mnt-by: SERVER-MNT
mnt-by: RIPE-NCC-END-MNT
created: 2019-11-18T07:52:34Z
last-modified: 2020-11-16T17:48:26Z
source: RIPE
sponsoring-org: ORG-OL148-RIPE

organisation: ORG-FPA22-RIPE
org-name: FOP PROVORNY O.L.
org-type: OTHER
address: Velika Morska str. 23, of. 28
address: 54030
address: Mykolayiv
address: UKRAINE
phone: +380 44 593-74-78
phone: +380 512 76-68-78
admin-c: PRO-RIPE
tech-c: PRO-RIPE
abuse-c: AR34246-RIPE
mnt-ref: SERVER-MNT
mnt-by: SERVER-MNT
created: 2019-11-12T14:04:06Z
last-modified: 2019-11-12T18:12:28Z
source: RIPE # Filtered

person: Alex Provorny
address: UA
address: Kyiv
phone: +380 67 132-90-09
nic-hdl: PRO-RIPE
mnt-by: OMNILANCE-MNT
created: 2005-10-29T06:31:59Z
last-modified: 2017-08-05T15:11:14Z
source: RIPE

% Information related to ‘91.232.30.0/23AS41018’

route: 91.232.30.0/23
descr: OMNILANCE LTD
origin: AS41018
mnt-by: OMNILANCE-MNT
created: 2015-11-05T12:06:29Z
last-modified: 2015-11-05T12:08:15Z
source: RIPE

The IP address has been reported 2 times in January for accessingn on-authorised ports (https://www.abuseipdb.com/check/91.232.30.119). The host is an Ubuntu server with SSH and Web services open.The host is misconfigured - http://91.232.30.119/And not fully patched - runs OpenSSH 7.6p1 It seems to be a compromised machine.

Can you please examine my connection and try to find a remedy.
Thanks

Daniele_Sunrise

Essohara , Welcome to the UPC Community!

Please send us your customer number, address and date of birth via private message. We will be happy to check the configuration of your modem.

Greetings
Daniele