ulrich berthold <[EMAIL PROTECTED]> writes: > "SCAN Proxy (8080) attempt" the next outstanding alarm message was a > "SNMP public access udp". i looked into it and to my surprise found > out, that these packages are originating on the server's external > interface and going to two (nonexistent) privat ip addresses 10.0.1.80 > and 10.1.0.80, about every other hour. i ngrepped the packages and [...] > any hint on how i can find out which process is sending these out? > might it be the hardware (networkcard) itself?
If it's about every hour, I would look into the crontabs, wether there's an entry around that time. Regards, Olaf.