Ray Leach schrieb, On 01.04.2004 16:06:
On Thu, 2004-04-01 at 16:03, Sven Geipel wrote:
Hi,
today I had some strange log entries in my messages log:
[...]
Apr 1 15:00:27 linux kernel: Packet log: input DENY eth2 PROTO=6 91.168.63.123:51480 133.90.24.101:45686 L=40 S=0x00 I=53509 F=0x0000 T=64 SYN (#31) Apr 1 15:00:27 linux kernel: Packet log: input DENY eth2 PROTO=6 244.236.235.124:24475 140.202.207.61:13436 L=40 S=0x00 I=48522 F=0x0000 T=64 SYN (#31) Apr 1 15:00:27 linux kernel: Packet log: input DENY eth2 PROTO=6 104.161.59.77:33401 244.220.3.89:34119 L=40 S=0x00 I=28291 F=0x0000 T=64 SYN (#31) Apr 1 15:00:27 linux kernel: Packet log: input DENY eth2 PROTO=6 137.200.120.2:48503 5.116.24.73:14488 L=40 S=0x00 I=30175 F=0x0000 T=64 SYN (#31) Apr 1 15:00:27 linux kernel: Packet log: input DENY eth2 PROTO=6 189.114.54.9:42854 158.176.187.65:36878 L=40 S=0x00 I=36252 F=0x0000 T=64 SYN (#31) [...] Apr 1 15:00:28 linux kernel: Packet log: input DENY eth2 PROTO=6 xx.xx.xx.xx:10195 32.223.34.115:15138 L=40 S=0x00 I=8296 F=0x0000 T=30 (#31) [...] Apr 1 15:00:31 linux kernel: martian destination 26ae58f0 from e716450a, dev eth2 [...] Apr 1 15:00:37 linux kernel: Packet log: input DENY eth2 PROTO=6 171.15.231.59:25185 139.24.120.54:52550 L=40 S=0x00 I=42486 F=0x0000 T=64 SYN (#31) Apr 1 15:00:37 linux kernel: Packet log: input DENY eth2 PROTO=6 46.180.199.78:25009 170.227.122.106:64977 L=40 S=0x00 I=35370 F=0x0000 T=64 SYN (#31)
Has anyone an idea what this could be?
Yes, do a search on the web for 'martian destination' ...
Thanks, but this I made first of course. I know now what martian destination means, but how can I find out why and by what (machine) this packets are generated. And which role plays my extendnet print box xx.xx.xx.xx in this game? Why does it try to come to a AT&T address? best regards Sven