Is someone trying to hack me?

Gregory Nowak gnowak1 at uic.edu
Fri Dec 28 21:54:46 EST 2001


Hi all,

I thought I'd ask this, since I've been seeing some strange things in /var/adm/kernel lately, and wasn't exactly sure what the hell theese were.
Below is an example out of /var/adm/kernel. Note that I've replaced my ip address below with "myip".



Dec 28 20:04:32 linserver kernel: IN=eth0 OUT= MAC=00:50:da:7c:fe:24:00:02:17:61:40:60:08:00 SRC=216.148.218.197 DST=myip LEN=88 TOS=0x00 PREC=0xC0 TTL=245 ID=16488 PROTO=ICMP TYPE=3 CODE=3 [SRC=myip DST=216.148.218.197 LEN=60 TOS=0x00
PREC=0x00 TTL=56 ID=51822 DF PROTO=TCP SPT=1192 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0 ]



So, is someone trying to hack my box? If not, then what is this stuff anyway? It looks like one of the packates is a ping packate, but I'm not sure. Yes, I have my firewall script log pings.
Thanks for any explanations.
Greg





More information about the Speakup mailing list