---------- Forwarded Message ----------
Subject: Visiteur ind�sirable?
Date: Mon, 14 May 2001 09:54:56 +0200
From: Alain Barth�lemy <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Bonjour,
Toutes les sorties de ipchains sont logg�s en /var/log/firewall et
/var/log/messages.
Dans /var/log/firewall, je ne vois que des DENY mais dans /var/log/messages,
j'ai eu la surprise de voir:
D�sol�, c'est un peu long.
Je constate de nombreux echo request et je pourrais bloquer cela avec une
r�gle ipchains (en INPUT) ainsi que les echo-reply (en OUTPUT).
Je vois que 208.63.220.223 fait plusieurs requ�tes TCP � partir de ports
diff�rents et vers le port 6699. J'�tais rassur� car je voyais partout "DENY"
(ipchains est configur� pour rejecter les requ�tes TCP).
Je dois encore am�liorer les r�gles ipchains et j'attends de tomber sur une
doc d�taill�e ou avec des scripts exemples bien comment�. Il para�t que cela
existe. Si quelqu'un a une adresse url?
Ce qui m'inqui�te dans mon cas, c'est:
May 14 00:15:12 toc su: (to nobody) root on none
May 14 00:15:12 toc PAM-unix2[4623]: session started for user nobody, service
su
Je n'aime pas "session started for user nobody, service su" J'ai pourtant
empech� toute tentative de connexion TCP (flag -y).
Tout commentaire ou suggestion est la bienvenue.
May 14 00:15:14 toc pppd[4244]: sent [LCP EchoReq id=0x95 magic=0x69fc4fa4]
May 14 00:15:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x95 magic=0xef6bce5]
May 14 00:15:34 toc pppd[4244]: sent [LCP EchoReq id=0x96 magic=0x69fc4fa4]
May 14 00:15:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x96 magic=0xef6bce5]
May 14 00:15:37 toc pppd[4244]: rcvd [LCP EchoReq id=0xa magic=0xef6bce5]
May 14 00:15:37 toc pppd[4244]: sent [LCP EchoRep id=0xa magic=0x69fc4fa4]
May 14 00:15:54 toc pppd[4244]: sent [LCP EchoReq id=0x97 magic=0x69fc4fa4]
May 14 00:15:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x97 magic=0xef6bce5]
May 14 00:16:09 toc /usr/sbin/gpm[466]: No data
May 14 00:16:14 toc pppd[4244]: sent [LCP EchoReq id=0x98 magic=0x69fc4fa4]
May 14 00:16:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x98 magic=0xef6bce5]
May 14 00:16:34 toc pppd[4244]: sent [LCP EchoReq id=0x99 magic=0x69fc4fa4]
May 14 00:16:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x99 magic=0xef6bce5]
May 14 00:16:54 toc pppd[4244]: sent [LCP EchoReq id=0x9a magic=0x69fc4fa4]
May 14 00:16:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x9a magic=0xef6bce5]
May 14 00:17:08 toc PAM-unix2[4623]: session finished for user nobody,
service su
==============================================================
May 13 23:50:33 toc pppd[4244]: sent [LCP EchoReq id=0x4b magic=0x69fc4fa4]
May 13 23:50:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x4b magic=0xef6bce5]
May 13 23:50:36 toc pppd[4244]: rcvd [LCP EchoReq id=0x5 magic=0xef6bce5]
May 13 23:50:36 toc pppd[4244]: sent [LCP EchoRep id=0x5 magic=0x69fc4fa4]
May 13 23:50:53 toc pppd[4244]: sent [LCP EchoReq id=0x4c magic=0x69fc4fa4]
May 13 23:50:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x4c magic=0xef6bce5]
May 13 23:51:13 toc pppd[4244]: sent [LCP EchoReq id=0x4d magic=0x69fc4fa4]
May 13 23:51:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x4d magic=0xef6bce5]
May 13 23:51:33 toc pppd[4244]: sent [LCP EchoReq id=0x4e magic=0x69fc4fa4]
May 13 23:51:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x4e magic=0xef6bce5]
May 13 23:51:53 toc pppd[4244]: sent [LCP EchoReq id=0x4f magic=0x69fc4fa4]
May 13 23:51:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x4f magic=0xef6bce5]
May 13 23:52:13 toc pppd[4244]: sent [LCP EchoReq id=0x50 magic=0x69fc4fa4]
May 13 23:52:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x50 magic=0xef6bce5]
May 13 23:52:33 toc pppd[4244]: sent [LCP EchoReq id=0x51 magic=0x69fc4fa4]
May 13 23:52:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x51 magic=0xef6bce5]
May 13 23:52:53 toc pppd[4244]: sent [LCP EchoReq id=0x52 magic=0x69fc4fa4]
May 13 23:52:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x52 magic=0xef6bce5]
May 13 23:53:13 toc pppd[4244]: sent [LCP EchoReq id=0x53 magic=0x69fc4fa4]
May 13 23:53:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x53 magic=0xef6bce5]
May 13 23:53:20 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2573 217.136.64.59:6699 L=48 S=0x00 I=15873 F=0x4000 T=112 SYN
(#3)
May 13 23:53:23 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2573 217.136.64.59:6699 L=48 S=0x00 I=15995 F=0x4000 T=112 SYN
(#3)
May 13 23:53:29 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2573 217.136.64.59:6699 L=48 S=0x00 I=16214 F=0x4000 T=112 SYN
(#3)
May 13 23:53:33 toc pppd[4244]: sent [LCP EchoReq id=0x54 magic=0x69fc4fa4]
May 13 23:53:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x54 magic=0xef6bce5]
May 13 23:53:53 toc pppd[4244]: sent [LCP EchoReq id=0x55 magic=0x69fc4fa4]
May 13 23:53:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x55 magic=0xef6bce5]
May 13 23:54:13 toc pppd[4244]: sent [LCP EchoReq id=0x56 magic=0x69fc4fa4]
May 13 23:54:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x56 magic=0xef6bce5]
May 13 23:54:33 toc pppd[4244]: sent [LCP EchoReq id=0x57 magic=0x69fc4fa4]
May 13 23:54:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x57 magic=0xef6bce5]
May 13 23:54:53 toc pppd[4244]: sent [LCP EchoReq id=0x58 magic=0x69fc4fa4]
May 13 23:54:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x58 magic=0xef6bce5]
May 13 23:55:13 toc pppd[4244]: sent [LCP EchoReq id=0x59 magic=0x69fc4fa4]
May 13 23:55:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x59 magic=0xef6bce5]
May 13 23:55:33 toc pppd[4244]: sent [LCP EchoReq id=0x5a magic=0x69fc4fa4]
May 13 23:55:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x5a magic=0xef6bce5]
May 13 23:55:36 toc pppd[4244]: rcvd [LCP EchoReq id=0x6 magic=0xef6bce5]
May 13 23:55:36 toc pppd[4244]: sent [LCP EchoRep id=0x6 magic=0x69fc4fa4]
May 13 23:55:53 toc pppd[4244]: sent [LCP EchoReq id=0x5b magic=0x69fc4fa4]
May 13 23:55:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x5b magic=0xef6bce5]
May 13 23:56:13 toc pppd[4244]: sent [LCP EchoReq id=0x5c magic=0x69fc4fa4]
May 13 23:56:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x5c magic=0xef6bce5]
May 13 23:56:23 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2588 217.136.64.59:6699 L=48 S=0x00 I=22951 F=0x4000 T=112 SYN
(#3)
May 13 23:56:25 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2588 217.136.64.59:6699 L=48 S=0x00 I=23064 F=0x4000 T=112 SYN
(#3)
May 13 23:56:31 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2588 217.136.64.59:6699 L=48 S=0x00 I=23330 F=0x4000 T=112 SYN
(#3)
May 13 23:56:33 toc pppd[4244]: sent [LCP EchoReq id=0x5d magic=0x69fc4fa4]
May 13 23:56:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x5d magic=0xef6bce5]
May 13 23:56:53 toc pppd[4244]: sent [LCP EchoReq id=0x5e magic=0x69fc4fa4]
May 13 23:56:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x5e magic=0xef6bce5]
May 13 23:57:13 toc pppd[4244]: sent [LCP EchoReq id=0x5f magic=0x69fc4fa4]
May 13 23:57:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x5f magic=0xef6bce5]
May 13 23:57:33 toc pppd[4244]: sent [LCP EchoReq id=0x60 magic=0x69fc4fa4]
May 13 23:57:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x60 magic=0xef6bce5]
May 13 23:57:53 toc pppd[4244]: sent [LCP EchoReq id=0x61 magic=0x69fc4fa4]
May 13 23:57:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x61 magic=0xef6bce5]
May 13 23:58:13 toc pppd[4244]: sent [LCP EchoReq id=0x62 magic=0x69fc4fa4]
May 13 23:58:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x62 magic=0xef6bce5]
May 13 23:58:33 toc pppd[4244]: sent [LCP EchoReq id=0x63 magic=0x69fc4fa4]
May 13 23:58:33 toc pppd[4244]: rcvd [LCP EchoRep id=0x63 magic=0xef6bce5]
May 13 23:58:53 toc pppd[4244]: sent [LCP EchoReq id=0x64 magic=0x69fc4fa4]
May 13 23:58:53 toc pppd[4244]: rcvd [LCP EchoRep id=0x64 magic=0xef6bce5]
May 13 23:59:00 toc /USR/SBIN/CRON[4325]: (root) CMD ( rm -f
/var/spool/cron/lastrun/cron.hourly)
May 13 23:59:13 toc pppd[4244]: sent [LCP EchoReq id=0x65 magic=0x69fc4fa4]
May 13 23:59:13 toc pppd[4244]: rcvd [LCP EchoRep id=0x65 magic=0xef6bce5]
May 13 23:59:26 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2599 217.136.64.59:6699 L=48 S=0x00 I=29833 F=0x4000 T=112 SYN
(#3)
May 13 23:59:29 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2599 217.136.64.59:6699 L=48 S=0x00 I=29929 F=0x4000 T=112 SYN
(#3)
May 13 23:59:33 toc pppd[4244]: sent [LCP EchoReq id=0x66 magic=0x69fc4fa4]
May 13 23:59:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x66 magic=0xef6bce5]
May 13 23:59:34 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2599 217.136.64.59:6699 L=48 S=0x00 I=30128 F=0x4000 T=112 SYN
(#3)
May 13 23:59:54 toc pppd[4244]: sent [LCP EchoReq id=0x67 magic=0x69fc4fa4]
May 13 23:59:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x67 magic=0xef6bce5]
May 13 23:59:59 toc kernel: Packet log: input DENY ppp0 PROTO=6
213.141.50.70:3694 217.136.64.59:6699 L=48 S=0x00 I=18542 F=0x4000 T=114 SYN
(#3)
May 14 00:00:01 toc kernel: Packet log: input DENY ppp0 PROTO=6
213.141.50.70:3694 217.136.64.59:6699 L=48 S=0x00 I=28526 F=0x4000 T=114 SYN
(#3)
May 14 00:00:07 toc kernel: Packet log: input DENY ppp0 PROTO=6
213.141.50.70:3694 217.136.64.59:6699 L=48 S=0x00 I=53358 F=0x4000 T=114 SYN
(#3)
May 14 00:00:14 toc pppd[4244]: sent [LCP EchoReq id=0x68 magic=0x69fc4fa4]
May 14 00:00:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x68 magic=0xef6bce5]
May 14 00:00:19 toc kernel: Packet log: input DENY ppp0 PROTO=6
213.141.50.70:3694 217.136.64.59:6699 L=48 S=0x00 I=41839 F=0x4000 T=114 SYN
(#3)
May 14 00:00:34 toc pppd[4244]: sent [LCP EchoReq id=0x69 magic=0x69fc4fa4]
May 14 00:00:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x69 magic=0xef6bce5]
May 14 00:00:37 toc pppd[4244]: rcvd [LCP EchoReq id=0x7 magic=0xef6bce5]
May 14 00:00:37 toc pppd[4244]: sent [LCP EchoRep id=0x7 magic=0x69fc4fa4]
May 14 00:00:54 toc pppd[4244]: sent [LCP EchoReq id=0x6a magic=0x69fc4fa4]
May 14 00:00:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x6a magic=0xef6bce5]
May 14 00:01:14 toc pppd[4244]: sent [LCP EchoReq id=0x6b magic=0x69fc4fa4]
May 14 00:01:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x6b magic=0xef6bce5]
May 14 00:01:34 toc pppd[4244]: sent [LCP EchoReq id=0x6c magic=0x69fc4fa4]
May 14 00:01:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x6c magic=0xef6bce5]
May 14 00:01:54 toc pppd[4244]: sent [LCP EchoReq id=0x6d magic=0x69fc4fa4]
May 14 00:01:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x6d magic=0xef6bce5]
May 14 00:02:14 toc pppd[4244]: sent [LCP EchoReq id=0x6e magic=0x69fc4fa4]
May 14 00:02:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x6e magic=0xef6bce5]
May 14 00:02:29 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2617 217.136.64.59:6699 L=48 S=0x00 I=35740 F=0x4000 T=112 SYN
(#3)
May 14 00:02:31 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2617 217.136.64.59:6699 L=48 S=0x00 I=35823 F=0x4000 T=112 SYN
(#3)
May 14 00:02:34 toc pppd[4244]: sent [LCP EchoReq id=0x6f magic=0x69fc4fa4]
May 14 00:02:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x6f magic=0xef6bce5]
May 14 00:02:37 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2617 217.136.64.59:6699 L=48 S=0x00 I=36036 F=0x4000 T=112 SYN
(#3)
May 14 00:02:54 toc pppd[4244]: sent [LCP EchoReq id=0x70 magic=0x69fc4fa4]
May 14 00:02:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x70 magic=0xef6bce5]
May 14 00:03:14 toc pppd[4244]: sent [LCP EchoReq id=0x71 magic=0x69fc4fa4]
May 14 00:03:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x71 magic=0xef6bce5]
May 14 00:03:34 toc pppd[4244]: sent [LCP EchoReq id=0x72 magic=0x69fc4fa4]
May 14 00:03:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x72 magic=0xef6bce5]
May 14 00:03:54 toc pppd[4244]: sent [LCP EchoReq id=0x73 magic=0x69fc4fa4]
May 14 00:03:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x73 magic=0xef6bce5]
May 14 00:04:14 toc pppd[4244]: sent [LCP EchoReq id=0x74 magic=0x69fc4fa4]
May 14 00:04:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x74 magic=0xef6bce5]
May 14 00:04:15 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3407 217.136.64.59:1214 L=48 S=0x00 I=56584 F=0x4000 T=107 SYN
(#3)
May 14 00:04:18 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3407 217.136.64.59:1214 L=48 S=0x00 I=56840 F=0x4000 T=107 SYN
(#3)
May 14 00:04:24 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3407 217.136.64.59:1214 L=48 S=0x00 I=63240 F=0x4000 T=107 SYN
(#3)
May 14 00:04:34 toc pppd[4244]: sent [LCP EchoReq id=0x75 magic=0x69fc4fa4]
May 14 00:04:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x75 magic=0xef6bce5]
May 14 00:04:36 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3407 217.136.64.59:1214 L=48 S=0x00 I=521 F=0x4000 T=107 SYN
(#3)
May 14 00:04:54 toc pppd[4244]: sent [LCP EchoReq id=0x76 magic=0x69fc4fa4]
May 14 00:04:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x76 magic=0xef6bce5]
May 14 00:05:14 toc pppd[4244]: sent [LCP EchoReq id=0x77 magic=0x69fc4fa4]
May 14 00:05:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x77 magic=0xef6bce5]
May 14 00:05:33 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2641 217.136.64.59:6699 L=48 S=0x00 I=41799 F=0x4000 T=112 SYN
(#3)
May 14 00:05:34 toc pppd[4244]: sent [LCP EchoReq id=0x78 magic=0x69fc4fa4]
May 14 00:05:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x78 magic=0xef6bce5]
May 14 00:05:36 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2641 217.136.64.59:6699 L=48 S=0x00 I=41920 F=0x4000 T=112 SYN
(#3)
May 14 00:05:37 toc pppd[4244]: rcvd [LCP EchoReq id=0x8 magic=0xef6bce5]
May 14 00:05:37 toc pppd[4244]: sent [LCP EchoRep id=0x8 magic=0x69fc4fa4]
May 14 00:05:42 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2641 217.136.64.59:6699 L=48 S=0x00 I=42129 F=0x4000 T=112 SYN
(#3)
May 14 00:05:54 toc pppd[4244]: sent [LCP EchoReq id=0x79 magic=0x69fc4fa4]
May 14 00:05:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x79 magic=0xef6bce5]
May 14 00:06:14 toc pppd[4244]: sent [LCP EchoReq id=0x7a magic=0x69fc4fa4]
May 14 00:06:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x7a magic=0xef6bce5]
May 14 00:06:34 toc pppd[4244]: sent [LCP EchoReq id=0x7b magic=0x69fc4fa4]
May 14 00:06:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x7b magic=0xef6bce5]
May 14 00:06:54 toc pppd[4244]: sent [LCP EchoReq id=0x7c magic=0x69fc4fa4]
May 14 00:06:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x7c magic=0xef6bce5]
May 14 00:07:14 toc pppd[4244]: sent [LCP EchoReq id=0x7d magic=0x69fc4fa4]
May 14 00:07:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x7d magic=0xef6bce5]
May 14 00:07:34 toc pppd[4244]: sent [LCP EchoReq id=0x7e magic=0x69fc4fa4]
May 14 00:07:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x7e magic=0xef6bce5]
May 14 00:07:54 toc pppd[4244]: sent [LCP EchoReq id=0x7f magic=0x69fc4fa4]
May 14 00:07:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x7f magic=0xef6bce5]
May 14 00:08:14 toc pppd[4244]: sent [LCP EchoReq id=0x80 magic=0x69fc4fa4]
May 14 00:08:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x80 magic=0xef6bce5]
May 14 00:08:34 toc pppd[4244]: sent [LCP EchoReq id=0x81 magic=0x69fc4fa4]
May 14 00:08:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x81 magic=0xef6bce5]
May 14 00:08:38 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2701 217.136.64.59:6699 L=48 S=0x00 I=48062 F=0x4000 T=112 SYN
(#3)
May 14 00:08:40 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2701 217.136.64.59:6699 L=48 S=0x00 I=48159 F=0x4000 T=112 SYN
(#3)
May 14 00:08:47 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2701 217.136.64.59:6699 L=48 S=0x00 I=48355 F=0x4000 T=112 SYN
(#3)
May 14 00:08:54 toc pppd[4244]: sent [LCP EchoReq id=0x82 magic=0x69fc4fa4]
May 14 00:08:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x82 magic=0xef6bce5]
May 14 00:09:14 toc pppd[4244]: sent [LCP EchoReq id=0x83 magic=0x69fc4fa4]
May 14 00:09:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x83 magic=0xef6bce5]
May 14 00:09:34 toc pppd[4244]: sent [LCP EchoReq id=0x84 magic=0x69fc4fa4]
May 14 00:09:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x84 magic=0xef6bce5]
May 14 00:09:54 toc pppd[4244]: sent [LCP EchoReq id=0x85 magic=0x69fc4fa4]
May 14 00:09:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x85 magic=0xef6bce5]
May 14 00:10:14 toc pppd[4244]: sent [LCP EchoReq id=0x86 magic=0x69fc4fa4]
May 14 00:10:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x86 magic=0xef6bce5]
May 14 00:10:34 toc pppd[4244]: sent [LCP EchoReq id=0x87 magic=0x69fc4fa4]
May 14 00:10:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x87 magic=0xef6bce5]
May 14 00:10:37 toc pppd[4244]: rcvd [LCP EchoReq id=0x9 magic=0xef6bce5]
May 14 00:10:37 toc pppd[4244]: sent [LCP EchoRep id=0x9 magic=0x69fc4fa4]
May 14 00:10:54 toc pppd[4244]: sent [LCP EchoReq id=0x88 magic=0x69fc4fa4]
May 14 00:10:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x88 magic=0xef6bce5]
May 14 00:11:10 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3466 217.136.64.59:1214 L=48 S=0x00 I=30988 F=0x4000 T=107 SYN
(#3)
May 14 00:11:13 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3466 217.136.64.59:1214 L=48 S=0x00 I=36620 F=0x4000 T=107 SYN
(#3)
May 14 00:11:14 toc pppd[4244]: sent [LCP EchoReq id=0x89 magic=0x69fc4fa4]
May 14 00:11:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x89 magic=0xef6bce5]
May 14 00:11:19 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3466 217.136.64.59:1214 L=48 S=0x00 I=56588 F=0x4000 T=107 SYN
(#3)
May 14 00:11:27 toc /usr/sbin/gpm[466]: No data
May 14 00:11:31 toc kernel: Packet log: input DENY ppp0 PROTO=6
207.35.15.198:3466 217.136.64.59:1214 L=48 S=0x00 I=18189 F=0x4000 T=107 SYN
(#3)
May 14 00:11:34 toc pppd[4244]: sent [LCP EchoReq id=0x8a magic=0x69fc4fa4]
May 14 00:11:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x8a magic=0xef6bce5]
May 14 00:11:40 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2742 217.136.64.59:6699 L=48 S=0x00 I=54542 F=0x4000 T=112 SYN
(#3)
May 14 00:11:42 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2742 217.136.64.59:6699 L=48 S=0x00 I=54671 F=0x4000 T=112 SYN
(#3)
May 14 00:11:48 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2742 217.136.64.59:6699 L=48 S=0x00 I=54886 F=0x4000 T=112 SYN
(#3)
May 14 00:11:54 toc pppd[4244]: sent [LCP EchoReq id=0x8b magic=0x69fc4fa4]
May 14 00:11:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x8b magic=0xef6bce5]
May 14 00:12:08 toc kernel: Packet log: input DENY ppp0 PROTO=6
213.10.184.35:1059 217.136.64.59:6699 L=48 S=0x00 I=48275 F=0x4000 T=119 SYN
(#3)
May 14 00:12:11 toc kernel: Packet log: input DENY ppp0 PROTO=6
213.10.184.35:1059 217.136.64.59:6699 L=48 S=0x00 I=48319 F=0x4000 T=119 SYN
(#3)
May 14 00:12:14 toc pppd[4244]: sent [LCP EchoReq id=0x8c magic=0x69fc4fa4]
May 14 00:12:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x8c magic=0xef6bce5]
May 14 00:12:17 toc kernel: Packet log: input DENY ppp0 PROTO=6
213.10.184.35:1059 217.136.64.59:6699 L=48 S=0x00 I=48380 F=0x4000 T=119 SYN
(#3)
May 14 00:12:34 toc pppd[4244]: sent [LCP EchoReq id=0x8d magic=0x69fc4fa4]
May 14 00:12:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x8d magic=0xef6bce5]
May 14 00:12:54 toc pppd[4244]: sent [LCP EchoReq id=0x8e magic=0x69fc4fa4]
May 14 00:12:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x8e magic=0xef6bce5]
May 14 00:13:14 toc pppd[4244]: sent [LCP EchoReq id=0x8f magic=0x69fc4fa4]
May 14 00:13:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x8f magic=0xef6bce5]
May 14 00:13:34 toc pppd[4244]: sent [LCP EchoReq id=0x90 magic=0x69fc4fa4]
May 14 00:13:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x90 magic=0xef6bce5]
May 14 00:13:54 toc pppd[4244]: sent [LCP EchoReq id=0x91 magic=0x69fc4fa4]
May 14 00:13:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x91 magic=0xef6bce5]
May 14 00:14:00 toc /USR/SBIN/CRON[4361]: (root) CMD ( rm -f
/var/spool/cron/lastrun/cron.daily)
May 14 00:14:14 toc pppd[4244]: sent [LCP EchoReq id=0x92 magic=0x69fc4fa4]
May 14 00:14:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x92 magic=0xef6bce5]
May 14 00:14:34 toc pppd[4244]: sent [LCP EchoReq id=0x93 magic=0x69fc4fa4]
May 14 00:14:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x93 magic=0xef6bce5]
May 14 00:14:42 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2784 217.136.64.59:6699 L=48 S=0x00 I=61155 F=0x4000 T=112 SYN
(#3)
May 14 00:14:45 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2784 217.136.64.59:6699 L=48 S=0x00 I=61292 F=0x4000 T=112 SYN
(#3)
May 14 00:14:51 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2784 217.136.64.59:6699 L=48 S=0x00 I=61534 F=0x4000 T=112 SYN
(#3)
May 14 00:14:54 toc pppd[4244]: sent [LCP EchoReq id=0x94 magic=0x69fc4fa4]
May 14 00:14:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x94 magic=0xef6bce5]
May 14 00:15:12 toc su: (to nobody) root on none
May 14 00:15:12 toc PAM-unix2[4623]: session started for user nobody, service
su
May 14 00:15:14 toc pppd[4244]: sent [LCP EchoReq id=0x95 magic=0x69fc4fa4]
May 14 00:15:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x95 magic=0xef6bce5]
May 14 00:15:34 toc pppd[4244]: sent [LCP EchoReq id=0x96 magic=0x69fc4fa4]
May 14 00:15:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x96 magic=0xef6bce5]
May 14 00:15:37 toc pppd[4244]: rcvd [LCP EchoReq id=0xa magic=0xef6bce5]
May 14 00:15:37 toc pppd[4244]: sent [LCP EchoRep id=0xa magic=0x69fc4fa4]
May 14 00:15:54 toc pppd[4244]: sent [LCP EchoReq id=0x97 magic=0x69fc4fa4]
May 14 00:15:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x97 magic=0xef6bce5]
May 14 00:16:09 toc /usr/sbin/gpm[466]: No data
May 14 00:16:14 toc pppd[4244]: sent [LCP EchoReq id=0x98 magic=0x69fc4fa4]
May 14 00:16:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x98 magic=0xef6bce5]
May 14 00:16:34 toc pppd[4244]: sent [LCP EchoReq id=0x99 magic=0x69fc4fa4]
May 14 00:16:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x99 magic=0xef6bce5]
May 14 00:16:54 toc pppd[4244]: sent [LCP EchoReq id=0x9a magic=0x69fc4fa4]
May 14 00:16:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x9a magic=0xef6bce5]
May 14 00:17:08 toc PAM-unix2[4623]: session finished for user nobody,
service su
May 14 00:17:14 toc pppd[4244]: sent [LCP EchoReq id=0x9b magic=0x69fc4fa4]
May 14 00:17:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x9b magic=0xef6bce5]
May 14 00:17:34 toc pppd[4244]: sent [LCP EchoReq id=0x9c magic=0x69fc4fa4]
May 14 00:17:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x9c magic=0xef6bce5]
May 14 00:17:49 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2795 217.136.64.59:6699 L=48 S=0x00 I=1964 F=0x4000 T=112 SYN
(#3)
May 14 00:17:52 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2795 217.136.64.59:6699 L=48 S=0x00 I=2084 F=0x4000 T=112 SYN
(#3)
May 14 00:17:54 toc pppd[4244]: sent [LCP EchoReq id=0x9d magic=0x69fc4fa4]
May 14 00:17:54 toc pppd[4244]: rcvd [LCP EchoRep id=0x9d magic=0xef6bce5]
May 14 00:17:58 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2795 217.136.64.59:6699 L=48 S=0x00 I=2316 F=0x4000 T=112 SYN
(#3)
May 14 00:18:14 toc pppd[4244]: sent [LCP EchoReq id=0x9e magic=0x69fc4fa4]
May 14 00:18:14 toc pppd[4244]: rcvd [LCP EchoRep id=0x9e magic=0xef6bce5]
May 14 00:18:34 toc pppd[4244]: sent [LCP EchoReq id=0x9f magic=0x69fc4fa4]
May 14 00:18:34 toc pppd[4244]: rcvd [LCP EchoRep id=0x9f magic=0xef6bce5]
May 14 00:18:54 toc pppd[4244]: sent [LCP EchoReq id=0xa0 magic=0x69fc4fa4]
May 14 00:18:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xa0 magic=0xef6bce5]
May 14 00:19:14 toc pppd[4244]: sent [LCP EchoReq id=0xa1 magic=0x69fc4fa4]
May 14 00:19:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xa1 magic=0xef6bce5]
May 14 00:19:34 toc pppd[4244]: sent [LCP EchoReq id=0xa2 magic=0x69fc4fa4]
May 14 00:19:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xa2 magic=0xef6bce5]
May 14 00:19:54 toc pppd[4244]: sent [LCP EchoReq id=0xa3 magic=0x69fc4fa4]
May 14 00:19:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xa3 magic=0xef6bce5]
May 14 00:20:14 toc pppd[4244]: sent [LCP EchoReq id=0xa4 magic=0x69fc4fa4]
May 14 00:20:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xa4 magic=0xef6bce5]
May 14 00:20:34 toc pppd[4244]: sent [LCP EchoReq id=0xa5 magic=0x69fc4fa4]
May 14 00:20:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xa5 magic=0xef6bce5]
May 14 00:20:37 toc pppd[4244]: rcvd [LCP EchoReq id=0xb magic=0xef6bce5]
May 14 00:20:37 toc pppd[4244]: sent [LCP EchoRep id=0xb magic=0x69fc4fa4]
May 14 00:20:48 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2803 217.136.64.59:6699 L=48 S=0x00 I=8498 F=0x4000 T=112 SYN
(#3)
May 14 00:20:51 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2803 217.136.64.59:6699 L=48 S=0x00 I=8586 F=0x4000 T=112 SYN
(#3)
May 14 00:20:54 toc pppd[4244]: sent [LCP EchoReq id=0xa6 magic=0x69fc4fa4]
May 14 00:20:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xa6 magic=0xef6bce5]
May 14 00:20:57 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2803 217.136.64.59:6699 L=48 S=0x00 I=8816 F=0x4000 T=112 SYN
(#3)
May 14 00:21:14 toc pppd[4244]: sent [LCP EchoReq id=0xa7 magic=0x69fc4fa4]
May 14 00:21:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xa7 magic=0xef6bce5]
May 14 00:21:34 toc pppd[4244]: sent [LCP EchoReq id=0xa8 magic=0x69fc4fa4]
May 14 00:21:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xa8 magic=0xef6bce5]
May 14 00:21:54 toc pppd[4244]: sent [LCP EchoReq id=0xa9 magic=0x69fc4fa4]
May 14 00:21:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xa9 magic=0xef6bce5]
May 14 00:22:14 toc pppd[4244]: sent [LCP EchoReq id=0xaa magic=0x69fc4fa4]
May 14 00:22:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xaa magic=0xef6bce5]
May 14 00:22:34 toc pppd[4244]: sent [LCP EchoReq id=0xab magic=0x69fc4fa4]
May 14 00:22:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xab magic=0xef6bce5]
May 14 00:22:54 toc pppd[4244]: sent [LCP EchoReq id=0xac magic=0x69fc4fa4]
May 14 00:22:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xac magic=0xef6bce5]
May 14 00:23:14 toc pppd[4244]: sent [LCP EchoReq id=0xad magic=0x69fc4fa4]
May 14 00:23:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xad magic=0xef6bce5]
May 14 00:23:34 toc pppd[4244]: sent [LCP EchoReq id=0xae magic=0x69fc4fa4]
May 14 00:23:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xae magic=0xef6bce5]
May 14 00:23:51 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2809 217.136.64.59:6699 L=48 S=0x00 I=12916 F=0x4000 T=112 SYN
(#3)
May 14 00:23:54 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2809 217.136.64.59:6699 L=48 S=0x00 I=13028 F=0x4000 T=112 SYN
(#3)
May 14 00:23:54 toc pppd[4244]: sent [LCP EchoReq id=0xaf magic=0x69fc4fa4]
May 14 00:23:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xaf magic=0xef6bce5]
May 14 00:24:00 toc kernel: Packet log: input DENY ppp0 PROTO=6
208.63.220.223:2809 217.136.64.59:6699 L=48 S=0x00 I=13277 F=0x4000 T=112 SYN
(#3)
May 14 00:24:14 toc pppd[4244]: sent [LCP EchoReq id=0xb0 magic=0x69fc4fa4]
May 14 00:24:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xb0 magic=0xef6bce5]
May 14 00:24:34 toc pppd[4244]: sent [LCP EchoReq id=0xb1 magic=0x69fc4fa4]
May 14 00:24:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xb1 magic=0xef6bce5]
May 14 00:24:54 toc pppd[4244]: sent [LCP EchoReq id=0xb2 magic=0x69fc4fa4]
May 14 00:24:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xb2 magic=0xef6bce5]
May 14 00:25:14 toc pppd[4244]: sent [LCP EchoReq id=0xb3 magic=0x69fc4fa4]
May 14 00:25:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xb3 magic=0xef6bce5]
May 14 00:25:34 toc pppd[4244]: sent [LCP EchoReq id=0xb4 magic=0x69fc4fa4]
May 14 00:25:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xb4 magic=0xef6bce5]
May 14 00:25:37 toc pppd[4244]: rcvd [LCP EchoReq id=0xc magic=0xef6bce5]
May 14 00:25:37 toc pppd[4244]: sent [LCP EchoRep id=0xc magic=0x69fc4fa4]
May 14 00:25:54 toc pppd[4244]: sent [LCP EchoReq id=0xb5 magic=0x69fc4fa4]
May 14 00:25:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xb5 magic=0xef6bce5]
May 14 00:26:14 toc pppd[4244]: sent [LCP EchoReq id=0xb6 magic=0x69fc4fa4]
May 14 00:26:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xb6 magic=0xef6bce5]
May 14 00:26:34 toc pppd[4244]: sent [LCP EchoReq id=0xb7 magic=0x69fc4fa4]
May 14 00:26:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xb7 magic=0xef6bce5]
May 14 00:26:54 toc pppd[4244]: sent [LCP EchoReq id=0xb8 magic=0x69fc4fa4]
May 14 00:26:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xb8 magic=0xef6bce5]
May 14 00:27:14 toc pppd[4244]: sent [LCP EchoReq id=0xb9 magic=0x69fc4fa4]
May 14 00:27:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xb9 magic=0xef6bce5]
May 14 00:27:34 toc pppd[4244]: sent [LCP EchoReq id=0xba magic=0x69fc4fa4]
May 14 00:27:34 toc pppd[4244]: rcvd [LCP EchoRep id=0xba magic=0xef6bce5]
May 14 00:27:37 toc /usr/sbin/gpm[466]: No data
May 14 00:27:54 toc pppd[4244]: sent [LCP EchoReq id=0xbb magic=0x69fc4fa4]
May 14 00:27:54 toc pppd[4244]: rcvd [LCP EchoRep id=0xbb magic=0xef6bce5]
May 14 00:28:14 toc pppd[4244]: sent [LCP EchoReq id=0xbc magic=0x69fc4fa4]
May 14 00:28:14 toc pppd[4244]: rcvd [LCP EchoRep id=0xbc magic=0xef6bce5]
-------------------------------------------------------
[ Soyez pr�cis dans vos sujets svp afin de d�terminer directement ]
[ le type de demande... ]
[ Pour vous (d�s)inscrire, aller sur http://linuxbe.org/ml.php ]
[ http://LinuxBe.org Contact: [EMAIL PROTECTED] ]
