bernie@innovative.iinet.net.au wrote: I have never been worthy enough (or rich enough) to rate a 24/7 connection. :-) I live in hope, but!!!
They have no business doing that on "my" firewalls anyway; they are 24x7 connects.
If in doubt; report to the source ISP.
That's always a good idea, the other one is to report to your own ISP. He then adds weight to your complaint b threatening to axe their clients from his service (handy if you need some 'muscle').
[Just had another (ab)user's connection pulled.]
And yes; I can confirm an attack attempt as follows: (destination address concealed!)
May 26 03:19:20 rocky kernel: Packet log: input DENY ppp0 PROTO=17 206.230.103.21:137 mmm.59.nnn.zzz:137 L=78 S=0x00 I=51198 F=0x0000 T=110 (#76) May 26 03:19:21 rocky kernel: Packet log: input DENY ppp0 PROTO=17 169.254.84.219:137 mmm.59.nnn.zzz:137 L=78 S=0x00 I=52478 F=0x0000 T=110 (#76) May 26 03:19:21 rocky kernel: Packet log: input DENY ppp0 PROTO=17 206.230.103.21:137 mmm.59.nnn.zzz:137 L=78 S=0x00 I=52734 F=0x0000 T=110 (#76) May 26 03:19:23 rocky kernel: Packet log: input DENY ppp0 PROTO=17 169.254.84.219:137 mmm.59.nnn.zzz:137 L=78 S=0x00 I=54270 F=0x0000 T=110 (#76) May 26 03:19:23 rocky kernel: Packet log: input DENY ppp0 PROTO=17 206.230.103.21:137 mmm.59.nnn.zzz:137 L=78 S=0x00 I=54526 F=0x0000 T=110 (#76)
Note the use of two addresses from different sources at the same time. And the connection source port!
Sounds like someone with their own DNS server, or working through a server in a large institution (college/ TAFE etc).
I cannot get consistent traceroutes on those source addresses at the moment - the 206.230.103.21 disappears at apx-1.portsmouth.zoomnet.net (206.230.102.17)
No success at all with 169.254.84.21 which seems to wind up looping at 203.166.7.141.
-- Bernd Felsche - Innovative Reckoning Perth, Western Australia
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
-- Regards Don Hansford ECKYTECH COMPUTING Surfing the Net (without crashing) With SuSE 6.4 Linux (Thanx Linus!) "Microsoft democratised the computer market and served as a catalyst in making computers available to everybody. Later, however, they did as many revolutionaries do -- they became dictators. History has taught us the inevitable fate of dictators." -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/