La conexión de banda ancha de mi hogar ha estado activa durante todo el día, eché un vistazo a los registros del enrutador y vi lo siguiente:
Mar 27 12:22:30 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=92.48.122.218 DST=x.x.x.x LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=64889 PROTO=TCP SPT=23431 DPT=3306 WINDOW=65535 RES=0x00 SYN U
Mar 27 12:36:57 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=78.101.248.169 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=13193 DF PROTO=TCP SPT=58734 DPT=51413 WINDOW=8192 RES=0x00 S
Mar 27 12:39:47 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=78.101.248.169 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=16952 DF PROTO=TCP SPT=59817 DPT=51413 WINDOW=8192 RES=0x00 S
Mar 27 12:51:23 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=69.50.194.41 DST=x.x.x.x LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=14530 PROTO=TCP SPT=35855 DPT=22 WINDOW=65535 RES=0x00 SYN URGP
Mar 27 13:09:25 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=222.186.52.77 DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=97 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=
Mar 27 13:32:24 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=203.156.207.196 DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=96 ID=256 PROTO=TCP SPT=6000 DPT=1000 WINDOW=16384 RES=0x00 SYN URG
Mar 27 13:45:58 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=60.12.160.66 DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=46684 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP
Mar 27 14:25:37 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=85.114.129.177 DST=x.x.x.x LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=3057 PROTO=TCP SPT=8473 DPT=3389 WINDOW=65535 RES=0x00 SYN UR
Mar 27 15:04:52 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=60.173.14.89 DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=99 ID=256 PROTO=TCP SPT=6000 DPT=8909 WINDOW=16384 RES=0x00 SYN URGP=0
Mar 27 15:28:40 kernel: eth3 Link UP 100 mbps full duplex
Mar 27 15:28:50 kernel: eth3 Link DOWN.
Mar 27 15:28:51 kernel: eth3 Link UP 100 mbps full duplex
Mar 27 15:30:25 kernel: eth3 Link DOWN.
Mar 27 15:45:12 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=124.119.118.223 DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=100 ID=47265 PROTO=TCP SPT=6000 DPT=3389 WINDOW=16384 RES=0x00 SYN
Mar 27 16:02:39 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=2.95.45.184 DST=x.x.x.x LEN=64 TOS=0x00 PREC=0x00 TTL=42 ID=34542 DF PROTO=TCP SPT=1583 DPT=135 WINDOW=53760 RES=0x00 SYN URG
Mar 27 16:06:11 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=58.194.171.217 DST=x.x.x.x LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=61983 DF PROTO=TCP SPT=52273 DPT=3389 WINDOW=5840 RES=0x00 SYN
Mar 27 16:09:45 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=2.192.224.130 DST=x.x.x.x LEN=64 TOS=0x00 PREC=0x00 TTL=31 ID=14217 DF PROTO=TCP SPT=1052 DPT=445 WINDOW=65535 RES=0x00 SYN U
Mar 27 16:46:01 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=24.64.84.167 DST=x.x.x.x LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=29798 DF PROTO=TCP SPT=59723 DPT=51413 WINDOW=65535 RES=0x00 SYN
Mar 27 16:46:03 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=24.64.84.167 DST=x.x.x.x LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=2404 DF PROTO=TCP SPT=59723 DPT=51413 WINDOW=65535 RES=0x00 SYN
Mar 27 16:59:48 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=61.176.192.164 DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URG
Mar 27 17:28:42 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=89.119.20.254 DST=x.x.x.x LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=6972 DF PROTO=TCP SPT=3522 DPT=23 WINDOW=5840 RES=0x00 SYN URGP
Mar 27 17:29:28 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=122.176.158.232 DST=x.x.x.x LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=2025 DF PROTO=TCP SPT=13851 DPT=443 WINDOW=65535 RES=0x00 SY
Mar 27 17:29:29 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=72.48.98.17 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=14331 DF PROTO=TCP SPT=52695 DPT=10261 WINDOW=8192 RES=0x00 SYN
Mar 27 17:29:31 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=122.176.158.232 DST=x.x.x.x LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=2030 DF PROTO=TCP SPT=13851 DPT=443 WINDOW=65535 RES=0x00 SY
Mar 27 17:29:32 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=72.48.98.17 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=118 ID=14805 DF PROTO=TCP SPT=52695 DPT=10261 WINDOW=8192 RES=0x00 SYN
Mar 27 17:29:34 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=110.23.234.109 DST=x.x.x.x LEN=64 TOS=0x00 PREC=0x00 TTL=49 ID=36150 DF PROTO=TCP SPT=53042 DPT=55802 WINDOW=65535 RES=0x00 S
Mar 27 17:35:36 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=86.68.142.70 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=11838 DF PROTO=TCP SPT=49527 DPT=55802 WINDOW=8192 RES=0x00 SYN
Mar 27 17:35:39 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=79.175.234.127 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=4333 DF PROTO=TCP SPT=49424 DPT=80 WINDOW=8192 RES=0x00 SYN U
Mar 27 17:47:42 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=68.83.96.247 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=9254 DF PROTO=TCP SPT=60863 DPT=55802 WINDOW=8192 RES=0x00 SYN
Mar 27 17:47:43 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=87.68.235.165 DST=x.x.x.x LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=38465 DF PROTO=TCP SPT=64092 DPT=80 WINDOW=5840 RES=0x00 SYN UR
Mar 27 17:47:45 kernel: Intrusion -> IN=atm1 OUT= MAC=34:08:04:00:08:35:18:80:f5:97:9e:98:08:00 SRC=213.130.198.69 DST=x.x.x.x LEN=52 TOS=0x00 PREC=0x00 TTL=44 ID=9364 DF PROTO=TCP SPT=3486 DPT=443 WINDOW=65535 RES=0x00 SYN U
La dirección IP de la que proviene el ataque cambia cada vez, pero el MAC no. ¿Esto es relevante? A partir de lo anterior, todo lo que puedo leer es la dirección IP y el hecho de que se trata de un evento de intrusión del kernel. ¿Hay más información aquí que me estoy perdiendo? ¿Cuál es mi riesgo de esto, si es algún tipo de ataque?