Re: Sylog Error Messages

To: debian parisc <debianparisc@hotmail.com>
Cc: <debian-user@lists.debian.org>
Subject: Re: Sylog Error Messages
From: Mike Dresser <mdresser_l@windsormachine.com>
Date: Thu, 6 Feb 2003 12:58:03 -0500 (EST)
Message-id: <[🔎] Pine.LNX.4.33.0302061253400.6450-100000@router.windsormachine.com>
In-reply-to: <[🔎] F11BNMCtpa9NhZXNRYD0000ff0a@hotmail.com>

On Thu, 6 Feb 2003, debian parisc wrote:

> Friends,
>
> I'm running stable and I have portsentry, firestarter, chkrootkit and
> logcheck installed on my machine. Whilst checking my logs I see loads of
> these entries:-
>
> Feb  6 15:05:10 kingston kernel: IN=eth0 OUT= MAC= SRC=100.100.100.100
> DST=100.100.100.255 LEN=273 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP
> SPT=138 DPT=138 LEN=253

Welcome to excessively chatty windows networking.  Do you have samba
installed on your machine?  Looks like it's looking for other machines on
the network(hence the broadcast)

Pretty normal.

> Feb  6 15:30:15 kingston kernel: IN=eth0 OUT=
> MAC=00:40:7b:6e:61:3b:00:30:94:9c:aa:a8:08:00 SRC=193.38.113.34 DST=<MY IPP>
> LEN=52 TOS=0x00 PREC=0x00 TTL=119 ID=52382 DF PROTO=TCP SPT=43030 DPT=25
> WINDOW=5840 RES=0x00 SYN URGP=0

Connection/attempted connection to your real or non-existent mail server
from the internet, from somewhere in the UK.

Mike

Reply to:

Follow-Ups:
- Re: Sylog Error Messages
  - From: Colin Watson <cjwatson@debian.org>

References:
- Sylog Error Messages
  - From: "debian parisc" <debianparisc@hotmail.com>

Prev by Date: Re: shuttle disaster
Next by Date: Re: partitioning hard drive & /usr is already 96% full
Previous by thread: Sylog Error Messages
Next by thread: Re: Sylog Error Messages
Index(es):
- Date
- Thread