|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
My firewall (SME Server - formerly e-smith) has a bunch of messages
like this in the /var/log/messages:
Aug 1 16:07:17 polaris kernel: denylog:IN=eth1
OUT= MAC=NN:NN:NN:NN:NN:NN:00:01:5c:22:00:02:08:00
SRC=68.111.197.211 DST=68.34.XXX.YYY LEN=48 TOS=0x00
PREC=0x00 TTL=110 ID=10932 DF PROTO=TCP SPT=3811
DPT=5554 WINDOW=64240 RES=0x00 SYN URGP=0
Where NN:NN:NN:NN:NN:NN is my external ethernet card's MAC address
and 68.34.XXX.YYY is the external ethernet card's IP address.
Looks like the firewall is rejecting something - but I'm not 100%
certain what's happening here. Is there some sort of internet
attack taking place?
Eric
--
# Eric Lucas
# "Oh, I have slipped the surly bond of earth
# And danced the skies on laughter-silvered wings...
# -- John Gillespie Magee Jr.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|