"John Fleming" <[EMAIL PROTECTED]> writes: > Is this coming from my firewall (Firestarter) somehow? If so, why?? > 64.105.56.109 is my IP, but I don't know what the other one is 64.105.106.5)
Yes. Firestarter has iptables logging any denied access, and those logs are dumped to the console. There's a way to change this, but I don't remember right now. I got tired of it and wrote my own init script to set up IPTables (plus I know exactly what my script does -- I get a little paranoid with my servers :) ) > IN=eth0) OUT= MAC= 00:c0:9f:38:15:eb:00:e0:eb:74:7f:C8:08:00: > SRC=64.105.106.5 DST=64.105.56.109 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=9735 > DF PROTO=TCP SPT= 2074 DPT=135 WINDOW=65280 RES=0x00 SYN URGP=0 Port 135 is used for M$ windows -- probably a worm scanning for available (and vulnerable) computers. -- Douglas G. Phillips Distributed Computing Eastern Illinois University -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
