When I came in this morning, I noticed a log full of these. The source port
ranged from 1237 to 1534. The source IP address traces back to a dialup
account so I am assuming someone was doing some sort of hack attempt. I am
wondering what this was for, and what could have been gained by connecting
to this port?
Dec 1 01:11:29 brimstone kernel: Packet log: input DENY eth1 PROTO=6
209.195.142.85:1472 12.xx.xx.3:8954 L=48 S=0x00 I=57114 F=0x4000 T=114
Thanks,
Steve Cody
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
