|
Hi all
Could someone please explain this log to me
Here is some of my network info
IP range aaa.bbb.217.64/255.255.255.192
Router aaa.bbb.217.65
Firewall aaa.bbb.217.99
Broadcast address aaa.bbb.217.127
I am only using 2 external IPs (router & firewall) the rest of my net is 10.0.0.0 network. I often see people trying to connect to my firewall's IP but have never seen anyone trying to connect to my broadcast address. Security Violations =-=-=-=-=-=-=-=-=-= Jan 31 17:28:56 bouncer kernel: Packet log: input DENY eth1
PROTO=6 210.177.11.53:21 aaa.bbb.217.127:21 L=40 S=0x00 I=39426 F=0x0000 T=27
SYN (#13) Jan 31 17:28:58 bouncer kernel: Packet log: input DENY eth1
PROTO=6 210.177.11.53:109 aaa.bbb.217.127:109 L=40 S=0x00 I=39426 F=0x0000 T=27
SYN (#13) Jan 31 17:29:03 bouncer kernel: Packet log: input DENY eth1
PROTO=6 210.177.11.53:53 aaa.bbb.217.127:53 L=40 S=0x00 I=39426 F=0x0000 T=27
SYN (#13) Jan 31 17:29:12 bouncer kernel: Packet log: input DENY eth1
PROTO=6 210.177.11.53:111 aaa.bbb.217.127:111 L=40 S=0x00 I=39426 F=0x0000 T=27
SYN (#13) Jan 31 17:30:07 bouncer kernel: Packet log: input DENY eth1 PROTO=6 210.177.11.53:515 aaa.bbb.217.127:515 L=40 S=0x00 I=39426 F=0x0000 T=27 SYN (#13) Thanks in advance Chris Williamson Jhb South Africa |
- Log question Chris Williamson
- Log question David Loysen
- Re: Log question Jose Nazario
