If I read this correctly, and making assumptions about your network
topology and system configuration ...
You are doing IPTables logging on your firewall and you are intercepting
a port-unreachable replies from 210.11.68.47 for 204.144.132.162 which
attempted to send a UDP packet to port 62408 on 210.11.68.47 from port
53.
It could be DNS traffic that timed out or otherwise failed on
210.11.68.47, or it could be someone probing your systems using DNS as a
source port to try to hide their tracks.
thornton
On Thu, 2002-09-19 at 08:46, Ashley M. Kirchner wrote:
>
> Um, vat ist thees?
>
> kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00
> SRC=210.11.68.47 DST=204.144.132.162 LEN=56 TOS=0x00 PREC=0x00 TTL=238 ID=14090
> PROTO=ICMP TYPE=3 CODE=3 [SRC=204.144.132.162 DST=210.11.68.47 LEN=121 TOS=0x00
> PREC=0x00 TTL=248 ID=37692 DF PROTO=UDP SPT=53 DPT=62408 LEN=101 ]
>
> 204.144.132.162 is my server.
>
> --
> W | I haven't lost my mind; it's backed up on tape somewhere.
> +--------------------------------------------------------------------
> Ashley M. Kirchner <mailto:[EMAIL PROTECTED]> . 303.442.6410 x130
> IT Director / SysAdmin / WebSmith . 800.441.3873 x130
> Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6
> http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
>
>
>
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
