DoS attack: RST Scan / IP Spoofing Attack - on Router Log

[mathrisk]

Saw an weird behavior on the iPad few minutes ago. Few keys on the keyboard were automatically getting clicked/pressed when some app was open, on homescreen some random app was opening automatically.
I had switch off the WiFi and then things became normal again.

What was that may be? Some kind of attack ??
If so, what are my next logical steps should be?
How to diagonise the iPad? My Credit Card is linked to my apple id !!!

I use Netgear router. Below are snippet from the router logs ....

DoS attack: RST Scan from source: 216.58.220.34:443, Sunday, August 16,2015 16:14:05
[DoS attack: RST Scan] from source: 216.58.220.37:443, Sunday, August 16,2015 16:04:13
[DoS attack: RST Scan] from source: 216.58.220.46:443, Sunday, August 16,2015 16:02:46
.....
.....
[DoS attack: RST Scan] from source: 216.58.220.46:443, Sunday, August 16,2015 15:14:04
[DoS attack: IP Spoofing Attack] from source: 192.168.1.2, Sunday, August 16,2015 14:46:11
[DoS attack: IP Spoofing Attack] from source: 192.168.1.2, Sunday, August 16,2015 14:46:02
[DoS attack: IP Spoofing Attack] from source: 192.168.1.2, Sunday, August 16,2015 14:41:10
.....
.....
[LAN access from remote] from 193.188.99.81:37079 to 192.168.1.2:55027, Sunday, August 16,2015 13:52:02
[LAN access from remote] from 2.91.211.179:15811 to 192.168.1.2:55027, Sunday, August 16,2015 13:52:02
[LAN access from remote] from 2.91.211.179:52662 to 192.168.1.2:55027, Sunday, August 16,2015 13:52:02

Are these something to worry about?
Am I being 'hacked' !!!

ps: I was watching Mr Robot. Hope I am not being paranoid here.

 

[bigb123]

Might be fsociety or the dark army...who knows...burn the ipad in oven to be on a safer side.. [emoji12]

 

[mathrisk]

^

Anyone got any serious take on the matter ?

 

[vivek.krishnan]

What the hell were you doing man? those IPs - they are part of Jobs from hell! He is trying to make your iPad into another zombie device. Control you!

Anyways, are you running torrents? The last lines were consistent with DHT. As for the IP Address, that is from Google and most likely clean.

 

[axeman]

ipad is rooted?

 

[RajeshJ]

http://2.91.211.179.ipaddress.com/
http://193.188.99.81.ipaddress.com/

how many device you have in network ? 192.168.1.2 is ur IP address of Ipad ?

if your router have option to block source IP block traffic from above two address 2.91.211.179 & 193.188.99.81 ,

Also Remove all unwanted application from Ipad /Network devices /Update /scan

 

[mathrisk]

Anyways, are you running torrents? The last lines were consistent with DHT. As for the IP Address, that is from Google and most likely clean.

No torrent was running at that moment.

ipad is rooted?

Nope.

http://2.91.211.179.ipaddress.com/
http://193.188.99.81.ipaddress.com/

how many device you have in network ? 192.168.1.2 is ur IP address of Ipad ?

if your router have option to block source IP block traffic from above two address 2.91.211.179 & 193.188.99.81 ,

Also Remove all unwanted application from Ipad /Network devices /Update /scan

In my network, I have 2 phones + 1 iPad over Wifi, 1 desktop via ethernet.
About the IP of the ipad, I am not sure if 192.168.1.2 was assigned to my iPad, as I had toggled WiFi connection in my phone and iPad quite a few times before I checked the logs.

Checked the ipad, there's no such app that I don't recongnize.

 

[bigb123]

Google the random app that was running on your ipad...you might get some idea...

 

[suds]

dude the ip address you mentioned belongs to google. It seems the digitizer on your ipad is gone bad

---------------------
NetRange: 216.58.192.0 - 216.58.223.255
CIDR: 216.58.192.0/19
NetName: GOOGLE
NetHandle: NET-216-58-192-0-1
Parent: NET216 (NET-216-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS15169
--------------------------------