On Tue, Dec 23, 2003 at 07:01:01PM +0100, outsider wrote: > Last time I frequently get messages like > "smbd: refused connect from " in my /var/log/syslog. Every time > with new IP-address. What are these connections? Is somebody trying to > scan me or what is the reason for these messages? You are being scanned. Get used to it. You're not specifically being targetted, but rather your IP address was randomly generated by some worm on some Windows box and a connection attempt was made. If you're feeling particularly motivated, you can try to track down the owner of the infected machine (or at least the owner of the netblock it lives on) and inform them, but it probably won't do you much good. I suspect that you'll quickly find that most owners are simply not responsive. noah -- Hello to all my friends and fans in domestic surveillance.
Description: PGP signature