I get quite at lot of these entries from various
IP's.
"Jun 30 03:18:38 debbie kernel: Packet log: input
DENY eth0 PROTO=17 217.82.6.221:1415 10.0.0.200:137 L=78 S=0x00 I=62563 F=0x0000
T=118 (#5)"
The only access to port 137 is from my local
network, so the kernal deny's all access (as it should), but i'm wondering. Is
this an attack? If this really is an attach, how come I get "probed" up to 6
times a day? Are there really THAT many scriptkiddies, attackers, hackere or
whatever ?
/TL
|