[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Help with kernel log

If eth0 is your connection to the internet then your this looks
like IP-spoofing or somebody on your eth0 segment is being attacked.

You can block it with activating the kernels IP-spoof protection
or with ipchains rules.

If you can find out the MAC of the attacker you can report him to
your ISP. Be friendly and say that the 'attacker' has mis-configurated
his computer, he wil get the message...



At 12:36 PM 11/14/99 -0500, Krug Tech wrote:
I have a debian system which is always connected to the Internet and I use
it as a firewall (forwarding, masquerading, etc.) I couple of days ago
kernel started logging this message:

IP fw-in deny eth0 UDP L=70 S=0x00
I=<xxxxx> (this one is different every time) F=0x0000 T=128

It is being logged every 4-5 minutes.

What does this mean? Please help?


Reply to: