Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] compromised?
  • From: Nix <suse@xxxxxxxxxxxxxxx>
  • Date: Fri, 09 Feb 2001 15:26:56 +1100
  • Message-id: <>
At 02:57 PM 9/02/2001, you wrote:
On Thu, 08 Feb 2001, Achim Ehrlich wrote:

> Hello list,
> i'm running a little homenetwork and scan my messages only occasionally.
> Today i found, that my var/log/messages was flodded with the following
> messages from
> ipchains:
> Jan 24 00:00:58 coalmine kernel: Packet log: input DENY ppp0 PROTO=6
> L=48 S=0x00 I=11174 F=0x4000 T=107
> SYN(#3)
> Jan 24 00:00:59 coalmine kernel: Packet log: input DENY ppp0 PROTO=6
> L=44 S=0x00 I=46941 F=0x4000 T=237
> SYN(#3)

Is some unsupervised kid with an 'security tool'
syn-flooding him with spoofed source addresses? It seems
his box is easily withstanding this, until his log fills the

possibly, I get junk like this hitting my firewalls constantly both at home,
at work and at clients. Some of the banks I work for obviously get alot more
than my cablemodem at home, but I still get >100 lines per hour of logs
on my cable. It's nothing to be overly worried about

logrotate nicely takes care of excess logs :-)


Nix - nix@xxxxxxxxxxxxxxxx

< Previous Next >