Mailinglist Archive: opensuse-security (224 mails)
| < Previous | Next > |
Fwd: RE: [suse-security] My SuSEFirewall blocks something than my LAM can not surfing in internet anymore.
- From: Ian David Laws <ian@xxxxxxxxxxxxxxxx>
- Date: Fri, 28 Feb 2003 15:22:06 +0100
- Message-id: <200302281522.06058.ian@xxxxxxxxxxxxxxxx>
Hi Prabu
you see that it is ssh if you look at the destination port DST it is 22 or SSH
.
Ian
---------- Forwarded Message ----------
Subject: RE: [suse-security] My SuSEFirewall blocks something than my LAM can
not surfing in internet anymore.
Date: Fri, 28 Feb 2003 06:01:33 -0800 (PST)
From: Prabu Subroto <prabu_subroto@xxxxxxxxx>
To: SuSE Security Milis <suse-security@xxxxxxxx>
Dear Peer....
I tried the command line from you. But the output is
empty...
I grep nothing...
I will repeat this threat from you if the problem
comes again.
Btw, how can you know that what I send to you was only
ssh?
Please help me, I am stucked...
--- Peer Stefan <stefan.peer@xxxxxxxx> wrote:
> Hi Prabu,
>
> Sorry to say so, but this trace shows nothing more
> than a connection-trace of your ssh-session (DPT=22
> ...).
> Don't tail /var/log/messages, it's quite big and
> gets filled really fast.
> Do a "cat /var/log/messages|grep DTP=80|grep -v
> DST=192.168.23.10" in order to get all the outgoing
> http-stuff.
>
> so long,
> Stefan
>
> btw. I'm called Stefan - it's a bit queer here in
> Austria, we always put the last name in front ;-)
>
> > From: Prabu Subroto
>
> [mailto:prabu_subroto@xxxxxxxxx]
>
> > Dear my friend, Peer...
> >
> > Today morning, it happened again. I follow your
>
> advice
>
> > and this is the 60 lines of my "/var/log/messages"
> > file:
> > "
> > proxy:/var/log # tail -n 60 messages
> > Feb 27 14:04:49 proxy kernel:
> > SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> > MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> > SRC=192.168.23.237 DST=192.168.23.10 LEN=52
>
> TOS=0x10
>
> > PREC=0x00 TTL=64 ID=4343 DF PROTO=TCP SPT=1132
>
> DPT=22
>
you see that it is ssh if you look at the destination port DST it is 22 or SSH
.
Ian
---------- Forwarded Message ----------
Subject: RE: [suse-security] My SuSEFirewall blocks something than my LAM can
not surfing in internet anymore.
Date: Fri, 28 Feb 2003 06:01:33 -0800 (PST)
From: Prabu Subroto <prabu_subroto@xxxxxxxxx>
To: SuSE Security Milis <suse-security@xxxxxxxx>
Dear Peer....
I tried the command line from you. But the output is
empty...
I grep nothing...
I will repeat this threat from you if the problem
comes again.
Btw, how can you know that what I send to you was only
ssh?
Please help me, I am stucked...
--- Peer Stefan <stefan.peer@xxxxxxxx> wrote:
> Hi Prabu,
>
> Sorry to say so, but this trace shows nothing more
> than a connection-trace of your ssh-session (DPT=22
> ...).
> Don't tail /var/log/messages, it's quite big and
> gets filled really fast.
> Do a "cat /var/log/messages|grep DTP=80|grep -v
> DST=192.168.23.10" in order to get all the outgoing
> http-stuff.
>
> so long,
> Stefan
>
> btw. I'm called Stefan - it's a bit queer here in
> Austria, we always put the last name in front ;-)
>
> > From: Prabu Subroto
>
> [mailto:prabu_subroto@xxxxxxxxx]
>
> > Dear my friend, Peer...
> >
> > Today morning, it happened again. I follow your
>
> advice
>
> > and this is the 60 lines of my "/var/log/messages"
> > file:
> > "
> > proxy:/var/log # tail -n 60 messages
> > Feb 27 14:04:49 proxy kernel:
> > SuSE-FW-ACCEPT-ALL-INTERNAL IN=eth0 OUT=
> > MAC=00:50:bf:77:77:d5:00:50:bf:77:80:49:08:00
> > SRC=192.168.23.237 DST=192.168.23.10 LEN=52
>
> TOS=0x10
>
> > PREC=0x00 TTL=64 ID=4343 DF PROTO=TCP SPT=1132
>
> DPT=22
>
| < Previous | Next > |