Security Incidents mailing list archives
Re: Wierd UDP packets
From: Tapio Sokura <oh2kku () IKI FI>
Date: Wed, 14 Feb 2001 23:23:54 +0200
Feb 14 15:49:39 ns1 kernel: Packet log: input DENY eth0 PROTO=17 144.16.64.112:39398 a.b.c.d:33465 L=38 S=0x00 I=39429 F=0x0000 T=1 (#24) (The values of I increase serially, T increases by 1 every third packet)
That looks like a traceroute to me. At least *nix traceroutes customarily use UDP packets to high ports (over 30000) with TTL and port values rising steadily (without special options traceroute sends three "pings" with each TTL value). I wouldn't be worried about this.
Current thread:
- Wierd UDP packets Devdas Bhagat (Feb 14)
- Re: Wierd UDP packets Tapio Sokura (Feb 14)
- Re: Wierd UDP packets Blake Frantz (Feb 14)