Re: Logging packets from iptables
On 22-May-01, 16:50 (CDT), Chris Boyle [EMAIL PROTECTED] wrote: Firstly be aware that these are probably just responses from web servers you're browsing if they don't have the SYN (establish connection) flag set (80 is http). Nope. Port 80 is http _server_ -- this is port web servers listen on, and web browsers send requests to. Replies from web servers do not come back to 80, they come back to the client, at whatever (high-numbered, non-privileged, pretty much arbitrary) port got allocated when the client established the connection. Steve -- Steve Greenland [EMAIL PROTECTED] (Please do not CC me on mail sent to this list; I subscribe to and read every list I post to.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Logging packets from iptables
On Wed, May 23, 2001 at 05:18:04PM +0200, Simon Huggins wrote: On Tue, May 22, 2001 at 08:37:26PM +0100, Dave Smith wrote: (Please do not CC me on mail sent to this list; I subscribe to and read every list I post to.) But do you read every post of every list you post to? (sorry it was too tempting) Few people read every post. Most read the threads they participate in. I see no reason to mock someone's courtesy request. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Ltd. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton PGP signature
strange log entry
Heya :) I was running a 'tail -f' on my /var/log/messages and this entry appeared while I was connected to the internet: May 24 10:08:11 noogies -- MARK -- May 24 10:20:34 noogies May 24 10:20:34 noogies /sbin/rpc.statd[151]: gethostbyname error for ^X÷ÿ¿^X÷ÿ¿^Y÷ÿ¿^Y÷ÿ¿^Z÷ÿ¿^Z÷ÿ¿^[÷ÿ¿^[÷ÿ¿%8x%8x%8x%8x%8x%8x%8x%8x%8x%236x%n%137x%n%10x%n%192x%n\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220\220 May 24 10:20:34 noogies Ç^F/binÇF^D/shA0À\210F^G\211v^L\215V^P\215N^L\211ó°^KÍ\200°^AÍ\200è\177ÿÿÿ and it has me worried it may be a security issue. I'm very new to linux, and newer again to debian, and at this stage I really don't have a clue as to what the above log entry is trying to tell me... Any input or comments would be very appreciated :) Thank you - trevs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
BINGOFOLIE : la loterie où on gagne à tout les coups
Bonjour, Le nouveau site de loterie www.bingofolie.com vient de voir le jour. Le principe est très simple : cocher 7 numéros sur les 49 de la grille et validez.Ces grilles vous rapportent des points(Foli'z). Quand vous avez assez de Foli'z, vous avez des cadeaux, vous choisissez, vous commandez, ou vous encherissez...et vous serez peut être l'heureux gagnant d'un des superbes cadeaux proposés (voyages,ordinateur,etc). Les tirages ont lieu chaque lundi à 9h00 sous contrôle d'huissier, et vous pouvez participer une fois par jour. De plus, en parrainant vos amis, vous augmenter vos chances de gagner : si un de vos filleuls gagne, vous gagnez 10% des points qu'il gagne, sachant que lui aussi peut avoir de nombreux filleuls ! Vous êtes donc cordialement invités à aller essayer le site, et peut etre à gagner un ordinateur ou un voyage Adresse du site : http://www.bingofolie.com/index.phpH.Henry. --! - Votre adresse a été trouvée sur internet, ceci est un envoi unique pour vous faire profiter d'un site sympa, vous ne recevrez pas d'autres mails de ce type. (Anti-spam) ---
Re: Logging packets from iptables
On 22-May-01, 16:50 (CDT), Chris Boyle [EMAIL PROTECTED] wrote: Firstly be aware that these are probably just responses from web servers you're browsing if they don't have the SYN (establish connection) flag set (80 is http). Nope. Port 80 is http _server_ -- this is port web servers listen on, and web browsers send requests to. Replies from web servers do not come back to 80, they come back to the client, at whatever (high-numbered, non-privileged, pretty much arbitrary) port got allocated when the client established the connection. Steve -- Steve Greenland [EMAIL PROTECTED] (Please do not CC me on mail sent to this list; I subscribe to and read every list I post to.)
Re: Logging packets from iptables
On Tue, May 22, 2001 at 08:37:26PM +0100, Dave Smith wrote: ... originating from port 80 of different computers on the internet. ^ On Wed, May 23, 2001 at 08:56:55AM -0500, Steve Greenland wrote: On 22-May-01, 16:50 (CDT), Chris Boyle [EMAIL PROTECTED] wrote: Firstly be aware that these are probably just responses from web servers you're browsing if they don't have the SYN (establish connection) flag set (80 is http). Port 80 is http _server_ -- this is port web servers listen on, and Yes. web browsers send requests to. Replies from web servers do not come back to 80, they come back to the client, at whatever (high-numbered, No but they come back *from* port 80. (Please do not CC me on mail sent to this list; I subscribe to and read every list I post to.) But do you read every post of every list you post to? (sorry it was too tempting) -- --( A computer's got to do what a computer's got )-- Simon ( to do. -Holly. ) Nomis Htag.pl 0.0.18
Re: Logging packets from iptables
On Wed, May 23, 2001 at 05:18:04PM +0200, Simon Huggins wrote: On Tue, May 22, 2001 at 08:37:26PM +0100, Dave Smith wrote: (Please do not CC me on mail sent to this list; I subscribe to and read every list I post to.) But do you read every post of every list you post to? (sorry it was too tempting) Few people read every post. Most read the threads they participate in. I see no reason to mock someone's courtesy request. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Ltd. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton pgpEKfKK7O9PO.pgp Description: PGP signature
Re: Logging packets from iptables
On 23-May-01, 10:18 (CDT), Simon Huggins [EMAIL PROTECTED] wrote: On Tue, May 22, 2001 at 08:37:26PM +0100, Dave Smith wrote: originating from port 80 of different computers on the internet. ^ [snip] web browsers send requests to. Replies from web servers do not come back to 80, they come back to the client, at whatever (high-numbered, No but they come back *from* port 80. (Please do not CC me on mail sent to this list; I subscribe to and read every list I post to.) But do you read every post of every list you post to? Apparently not. (Well, I'd read the post, but didn't go back and re-read it before I mouthed off at Chris). Maxima mea culpa. (sorry it was too tempting) And completely justified. :-) Steve, who opened an editor and inserted a foot. -- Steve Greenland [EMAIL PROTECTED] (Please do not CC me on mail sent to this list; I subscribe to and read every list I post to.)