[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /var/log/messages

Also sprach Richard Beri (Sat 22 Feb 02003 at 07:29:38PM -0500):
> Feb 21 22:18:24 stormix kernel: SPOOFED Packet IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:d0:59:2d:4b:e4:08:00 SRC=209.135.93.166 DST=255.255.255.255 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=8420 PROTO=UDP SPT=2301 DPT=2301 LEN=20
> 
> I get this error messages in my /var/log/messages every 2 or so seconds.
> 
> Any ideas how I can silence it? Or tell me whats going on, because I don't really understand it.

Don't know what firewall you're running; nor how to make it stop logging
that stuff.

However, it is interesting to note:

SRC=209.135.93.166 ==> xtreme30-166.aci.on.ca

SPT=2301 DPT=2301

According to <http://www.iana.org/assignments/port-numbers> this is:
cpq-wbem	2301/tcp   Compaq HTTP
cpq-wbem	2301/udp   Compaq HTTP
#			   Scott Shaffer <scott.shaffer@compaq.com>

I'm not familiar with this port; but, you gotta wonder why aci.on.ca is
broadcasting http?

hth

-- 
Best Regards,

mds
mds resource
888.250.3987
-
Dare to fix things before they break . . .
-
Our capacity for understanding is inversely proportional to how much
we think we know.  The more I know, the more I know I don't know . . .
--
Reply to: