2 May
2001
2 May
'01
10:52
hi list,
got this message some minutes ago
May 2 12:25:55 server kernel: Packet log: input DENY eth0 PROTO=1 192.168.0.2:3 this.is.my.ip:1 L=88 S=0x00 I=52687 F=0x000 0 T=243
This is a filtered icmp, subtype host-unreachable. I doubt that it is a brilliant idea to filter these since you have to run into timeouts of connect() without them.
where eth0 is the outbound-interface which is protected by ipchains from ip-spoofing. some kind of attack?!
any ideas are appreciated...;-) many thanks in advance, bye,
daniel
Roman.