Security Incidents mailing list archives
Connections to port 635 ??
From: Gunther () STAMMWITZ DE (Gunther Stammwitz)
Date: Thu, 22 Jun 2000 00:37:33 +0200
Hi, someone tried very often to connect to port 635. As far as I know there are no services on that port, is it an attack ? Another interesting thing is, that the source-ports are increasing or at least changing. What shall I do now ? traceroute 166.114.199.67 traceroute to 166.114.199.67 (166.114.199.67), 30 hops max, 40 byte packets 1 koeln6.ndh.net (195.94.89.1) 1 ms 1 ms 1 ms 2 koeln4.ndh.net (195.94.90.221) 1 ms 1 ms 1 ms 3 hssi2-0.frankfurt1.ndh.net (195.94.75.50) 5 ms 6 ms 5 ms 4 topnet-frankfurt.ndh.net (195.94.75.42) 5 ms 5 ms 5 ms 5 G3-0-5.ffm2-gsr.atm-bb.de (62.104.193.193) 5 ms 5 ms 5 ms 6 L0.kln2-gsr.atm-bb.de (62.104.191.149) 8 ms 7 ms 7 ms 7 L0.dus2-gsr.atm-bb.de (62.104.191.148) 11 ms 10 ms 10 ms 8 dus2-c.atm-bb.de (62.104.198.81) 10 ms 9 ms 9 ms 9 defra303-tc-s3-0.ebone.net (195.158.228.105) 13 ms 13 ms 12 ms 10 chgen101-tc-p1-0.ebone.net (195.158.228.86) 20 ms 20 ms 20 ms 11 chgen102-tc-p3-0.ebone.net (195.158.237.33) 22 ms 21 ms 21 ms 12 itmil201-ta-p5-0-0.ebone.net (195.158.241.38) 33 ms 32 ms 33 ms 13 195.158.241.118 (195.158.241.118) 26 ms 26 ms 27 ms 14 pa5-mi5.seabone.net (195.22.192.138) 50 ms 49 ms 48 ms 15 fa-eth-1-pa4.seabone.net (195.22.205.242) 50 ms 47 ms 47 ms 16 * * * Bye, Gunther Active System Attack Alerts =-=-=-=-=-=-=-=-=-=-=-=-=-= Jun 21 20:46:36 server portsentry[89]: attackalert: Connect from host: 166.114.199.67/166.114.199.67 to TCP port: 635 Jun 21 20:46:36 server portsentry[89]: attackalert: Host 166.114.199.67 has been blocked via wrappers with string: "ALL: 166.114.199.67" Jun 21 20:46:36 server portsentry[89]: attackalert: Host 166.114.199.67 has been blocked via dropped route using command: "/sbin/ipchains -I input -s 166.114.199.67 -j DENY -l" Jun 21 20:46:36 server portsentry[89]: attackalert: Connect from host: 166.114.199.67/166.114.199.67 to TCP port: 635 Jun 21 20:46:36 server portsentry[89]: attackalert: Host: 166.114.199.67 is already blocked. Ignoring Security Violations =-=-=-=-=-=-=-=-=-= Jun 21 20:46:36 server portsentry[89]: attackalert: Connect from host: 166.114.199.67/166.114.199.67 to TCP port: 635 Jun 21 20:46:36 server portsentry[89]: attackalert: Host 166.114.199.67 has been blocked via wrappers with string: "ALL: 166.114.199.67" Jun 21 20:46:36 server portsentry[89]: attackalert: Host 166.114.199.67 has been blocked via dropped route using command: "/sbin/ipchains -I input -s 166.114.199.67 -j DENY -l" Jun 21 20:46:36 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=25815 F=0x4000 T=43 (#1) Jun 21 20:46:36 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=25816 F=0x0000 T=43 (#1) Jun 21 20:46:36 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=25817 F=0x4000 T=43 (#1) Jun 21 20:46:36 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=25819 F=0x0000 T=43 (#1) Jun 21 20:46:36 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=25828 F=0x4000 T=43 (#1) Jun 21 20:46:36 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=25829 F=0x0000 T=43 (#1) Jun 21 20:46:36 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=25838 F=0x4000 T=43 (#1) Jun 21 20:46:36 server portsentry[89]: attackalert: Connect from host: 166.114.199.67/166.114.199.67 to TCP port: 635 Jun 21 20:46:36 server portsentry[89]: attackalert: Host: 166.114.199.67 is already blocked. Ignoring Jun 21 20:46:37 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=25978 F=0x4000 T=43 (#1) Jun 21 20:46:39 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=26269 F=0x0000 T=43 (#1) Jun 21 20:46:39 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=26270 F=0x0000 T=43 (#1) Jun 21 20:46:39 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=26273 F=0x0000 T=43 (#1) Jun 21 20:46:39 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=26274 F=0x4000 T=43 (#1) Jun 21 20:46:39 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=26336 F=0x4000 T=43 (#1) Jun 21 20:46:40 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=26397 F=0x4000 T=43 (#1) Jun 21 20:46:40 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=26400 F=0x4000 T=43 (#1) Jun 21 20:46:40 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=26402 F=0x4000 T=43 (#1) Jun 21 20:46:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=26811 F=0x0000 T=43 (#1) Jun 21 20:46:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=26812 F=0x0000 T=43 (#1) Jun 21 20:46:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=26813 F=0x4000 T=43 (#1) Jun 21 20:46:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=26814 F=0x0000 T=43 (#1) Jun 21 20:46:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=26937 F=0x4000 T=43 (#1) Jun 21 20:46:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=26938 F=0x4000 T=43 (#1) Jun 21 20:46:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=26939 F=0x4000 T=43 (#1) Jun 21 20:46:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=26942 F=0x4000 T=43 (#1) Jun 21 20:46:57 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=28105 F=0x4000 T=43 (#1) Jun 21 20:46:57 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=28111 F=0x0000 T=43 (#1) Jun 21 20:46:57 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=28114 F=0x0000 T=43 (#1) Jun 21 20:46:57 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=28119 F=0x0000 T=43 (#1) Jun 21 20:46:57 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=28195 F=0x4000 T=43 (#1) Jun 21 20:46:58 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=28202 F=0x4000 T=43 (#1) Jun 21 20:46:59 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=28313 F=0x4000 T=43 (#1) Jun 21 20:46:59 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=28314 F=0x4000 T=43 (#1) Jun 21 20:47:21 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=30318 F=0x0000 T=43 (#1) Jun 21 20:47:21 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=30319 F=0x0000 T=43 (#1) Jun 21 20:47:21 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=30320 F=0x0000 T=43 (#1) Jun 21 20:47:21 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=30365 F=0x4000 T=43 (#1) Jun 21 20:47:21 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=30366 F=0x4000 T=43 (#1) Jun 21 20:47:23 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=30474 F=0x4000 T=43 (#1) Jun 21 20:47:23 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=30536 F=0x4000 T=43 (#1) Jun 21 20:47:23 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=30537 F=0x4000 T=43 (#1) Jun 21 20:48:09 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=34588 F=0x0000 T=43 (#1) Jun 21 20:48:09 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=34589 F=0x0000 T=43 (#1) Jun 21 20:48:09 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=34590 F=0x0000 T=43 (#1) Jun 21 20:48:09 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=34635 F=0x4000 T=43 (#1) Jun 21 20:48:09 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=34636 F=0x4000 T=43 (#1) Jun 21 20:48:11 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=34751 F=0x4000 T=43 (#1) Jun 21 20:48:12 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=34853 F=0x4000 T=43 (#1) Jun 21 20:48:12 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=34855 F=0x4000 T=43 (#1) Jun 21 20:49:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=43311 F=0x0000 T=43 (#1) Jun 21 20:49:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=43312 F=0x0000 T=43 (#1) Jun 21 20:49:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=43313 F=0x0000 T=43 (#1) Jun 21 20:49:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=43315 F=0x0000 T=234 (#1) Jun 21 20:49:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=43382 F=0x0000 T=234 (#1) Jun 21 20:49:47 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=43577 F=0x4000 T=43 (#1) Jun 21 20:49:47 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=43578 F=0x4000 T=43 (#1) Jun 21 20:49:48 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=43626 F=0x4000 T=43 (#1) Jun 21 20:51:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=54139 F=0x0000 T=43 (#1) Jun 21 20:51:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=54140 F=0x0000 T=43 (#1) Jun 21 20:51:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=54141 F=0x0000 T=43 (#1) Jun 21 20:51:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=54210 F=0x0000 T=234 (#1) Jun 21 20:51:48 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=54473 F=0x4000 T=43 (#1) Jun 21 20:51:49 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=54476 F=0x4000 T=43 (#1) Jun 21 20:51:49 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=54479 F=0x4000 T=43 (#1) Jun 21 20:53:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=65173 F=0x0000 T=234 (#1) Jun 21 20:53:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=65174 F=0x0000 T=43 (#1) Jun 21 20:53:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=65175 F=0x0000 T=43 (#1) Jun 21 20:53:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=65176 F=0x0000 T=43 (#1) Jun 21 20:53:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=65219 F=0x0000 T=234 (#1) Jun 21 20:55:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=10420 F=0x0000 T=43 (#1) Jun 21 20:55:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=10421 F=0x0000 T=43 (#1) Jun 21 20:55:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=10423 F=0x0000 T=43 (#1) Jun 21 20:55:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=10532 F=0x0000 T=234 (#1) Jun 21 20:55:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=10536 F=0x0000 T=234 (#1) Jun 21 20:57:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=21755 F=0x0000 T=43 (#1) Jun 21 20:57:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=21756 F=0x0000 T=43 (#1) Jun 21 20:57:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=21758 F=0x0000 T=43 (#1) Jun 21 20:57:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=21851 F=0x0000 T=234 (#1) Jun 21 20:57:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=21852 F=0x0000 T=234 (#1) Jun 21 20:59:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=32674 F=0x0000 T=43 (#1) Jun 21 20:59:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=32675 F=0x0000 T=43 (#1) Jun 21 20:59:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=32676 F=0x0000 T=43 (#1) Jun 21 20:59:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=32800 F=0x0000 T=234 (#1) Jun 21 20:59:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=32801 F=0x0000 T=234 (#1) Jun 21 21:01:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=43277 F=0x0000 T=43 (#1) Jun 21 21:01:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=43278 F=0x0000 T=43 (#1) Jun 21 21:01:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=43279 F=0x0000 T=43 (#1) Jun 21 21:01:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=43416 F=0x0000 T=234 (#1) Jun 21 21:03:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=53558 F=0x0000 T=43 (#1) Jun 21 21:03:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=53560 F=0x0000 T=43 (#1) Jun 21 21:03:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=53563 F=0x0000 T=43 (#1) Jun 21 21:03:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=53694 F=0x0000 T=234 (#1) Jun 21 21:03:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=53695 F=0x0000 T=234 (#1) Jun 21 21:05:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=63947 F=0x0000 T=43 (#1) Jun 21 21:05:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=63948 F=0x0000 T=43 (#1) Jun 21 21:05:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=63949 F=0x0000 T=43 (#1) Jun 21 21:05:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=64079 F=0x0000 T=234 (#1) Jun 21 21:05:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=64080 F=0x0000 T=234 (#1) Jun 21 21:07:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=8957 F=0x0000 T=43 (#1) Jun 21 21:07:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=8958 F=0x0000 T=43 (#1) Jun 21 21:07:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=8959 F=0x0000 T=43 (#1) Jun 21 21:07:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=9101 F=0x0000 T=234 (#1) Jun 21 21:07:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=9109 F=0x0000 T=234 (#1) Jun 21 21:09:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30381 195.94.87.252:635 L=40 S=0x00 I=19724 F=0x0000 T=43 (#1) Jun 21 21:09:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30437 195.94.87.253:635 L=40 S=0x00 I=19725 F=0x0000 T=43 (#1) Jun 21 21:09:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30345 195.94.87.251:635 L=40 S=0x00 I=19726 F=0x0000 T=43 (#1) Jun 21 21:09:45 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30337 195.94.87.243:635 L=40 S=0x00 I=19843 F=0x0000 T=234 (#1) Jun 21 21:09:46 server kernel: Packet log: input DENY eth0 PROTO=6 166.114.199.67:30341 195.94.87.247:635 L=40 S=0x00 I=19851 F=0x0000 T=234 (#1)
Current thread:
- Which DoS ? [Updated] Eric LeBlanc (Jun 15)
- Re: Which DoS ? [Updated] Patrick Oonk (Jun 16)
- Re: Which DoS ? [Updated] Pluto (Jun 20)
- Re: Which DoS ? [Updated] Ian Eure (Jun 21)
- Netbus portscan ( port 12345) lmonin () METACONCEPT COM (Jun 21)
- Re: Netbus portscan ( port 12345) James T. Perry (Jun 22)
- scanned - strange! Sir Scriptzalot (Jun 21)
- (forw) Jennifer Granick Audio Interview now online Elias Levy (Jun 21)
- Connections to port 635 ?? Gunther Stammwitz (Jun 21)
- Connections to port 635 ?? Klaus Moeller (Jun 23)
- Re: Connections to port 635 ?? Bill (Jun 23)
- stranger ftp kill Max Gribov (Jun 23)
- Re: stranger ftp kill frank () STUDENT2 RUG AC BE (Jun 23)
- Re: stranger ftp kill jose (Jun 26)
- Re: Connections to port 635 ?? Ben Laws (Jun 23)
- Re: Connections to port 635 ?? Robert Graham (Jun 23)
- Nike Site taken over F_SecurityList Jo (Jun 21)
- Re: Nike Site taken over Steve (Jun 22)
- Re: Nike Site taken over Ex Machina (Jun 22)