|
I'm just starting to learn ipchains and have a
Debian GNU/Linux system (woody) setup. This morning, I started getting a lot of
stuff in the log, and I'm not sure what it is. An excerpt from the log is at the
end of the message.
My interpretation is that several computers, all
within the 171.66.x.x subnet are attempting access to my computer. But this
seems rather odd ... could it be that I've configured something wrong and it's
not really coming from these other folks? Then again, this is at Stanford,
and I suppose it's possible that someone has gotten control of some points
within the Stanford network and are launching something against me ... but
there's a part of me that says that I'm just being paranoid.
Thanks!
Jen
Nov 17 06:45:53 towanda syslogd 1.3-3#33.1:
restart.
Nov 17 06:46:01 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15071 F=0x0000 T=128 (#53) Nov 17 06:46:02 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15072 F=0x0000 T=128 (#53) Nov 17 06:46:03 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15073 F=0x0000 T=128 (#53) Nov 17 06:46:04 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.156. 64:138 171.66.255.255:138 L=237 S=0x00 I=48336 F=0x0000 T=128 (#53) Nov 17 06:46:16 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15075 F=0x0000 T=128 (#53) Nov 17 06:46:16 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15076 F=0x0000 T=128 (#53) Nov 17 06:46:17 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15077 F=0x0000 T=128 (#53) Nov 17 06:46:24 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15078 F=0x0000 T=128 (#53) Nov 17 06:46:25 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15079 F=0x0000 T=128 (#53) Nov 17 06:46:25 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15080 F=0x0000 T=128 (#53) Nov 17 06:46:34 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 81:138 171.66.255.255:138 L=240 S=0x00 I=5560 F=0x0000 T=128 (#53) Nov 17 06:46:34 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 81:137 171.66.255.255:137 L=78 S=0x00 I=5562 F=0x0000 T=128 (#53) Nov 17 06:46:35 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 81:137 171.66.255.255:137 L=78 S=0x00 I=5563 F=0x0000 T=128 (#53) Nov 17 06:46:35 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 81:137 171.66.255.255:137 L=78 S=0x00 I=5564 F=0x0000 T=128 (#53) Nov 17 06:46:43 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.157. 111:138 171.66.255.255:138 L=229 S=0x00 I=52182 F=0x0000 T=128 (#53) Nov 17 06:46:44 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.156. 64:137 171.66.255.255:137 L=78 S=0x00 I=48337 F=0x0000 T=128 (#53) Nov 17 06:46:44 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.156. 64:137 171.66.255.255:137 L=78 S=0x00 I=48338 F=0x0000 T=128 (#53) Nov 17 06:46:45 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.156. 64:137 171.66.255.255:137 L=78 S=0x00 I=48339 F=0x0000 T=128 (#53) Nov 17 06:46:45 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15082 F=0x0000 T=128 (#53) Nov 17 06:46:46 towanda kernel: Packet log: input DENY eth0 PROTO=17 171.66.152. 100:137 171.66.255.255:137 L=78 S=0x00 I=15083 F=0x0000 T=128 (#53) |
- Re: Please help w/ ipchains log jennyw
- Re: Please help w/ ipchains log Jose Nazario
