[François TOURDE] Re: newbie iptables question
Sorry for personnal posting. I've changed my keys recently under Gnus,
and it's hard to change old usage ;)
--- Begin Message ---
Le 12643ième jour après Epoch,
Wanda Round écrivait:
> After reading that I should look through /var/log/messages, I did
> and found many lines like these:
> Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC=
> SRC=188.8.131.52 DST=184.108.40.206 LEN=48 TOS=0x00 PREC=0x00 TTL=115
> ID=40023 DF PROTO=TCP SPT=4346 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
> Aug 12 04:40:59 towern kernel: |iptables -- IN=ppp0 OUT= MAC=
> SRC=220.127.116.11 DST=18.104.22.168 LEN=52 TOS=0x00 PREC=0x00 TTL=46
> ID=19155 DF PROTO=TCP SPT=4845 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
> The 22.214.171.124 was my dialup connection. The 201.129.etc and 83.36.etc
> were from Mexico and Spain.
> MAN iptables didn't help me at all!
> What are these lines telling me? Where can I find a simpler explanation
> of iptables logs?
They're telling you that somebody in Spain and Mexico is trying to
contact your computer using 445 port (DST=445). And This port is:
francois@fermat:~$ grep 445 /etc/services
microsoft-ds 445/tcp # Microsoft Naked CIFS
Ego sum ens omnipotens.
--- End Message ---
Before marriage the three little words are "I love you," after marriage
they are "Let's eat out."
François TOURDE - tourde.org - 23 rue Bernard GANTE - 93250 VILLEMOMBLE
Tél: 01 49 35 96 69 - Mob: 06 81 01 81 80