Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
SuSE-FW-OUTPUT-ERRORIN log
  • From: mario libraro <m.libraro@xxxxxxxxxxxxxx>
  • Date: Thu, 31 Jan 2002 15:45:13 +0100
  • Message-id: <3C595878.366186BA@xxxxxxxxxxxxxx>
Hi to all listmates,

I found these lines in /var/log/messages:

Jan 31 11:51:20 goemon kernel: SuSE-FW-OUTPUT-ERRORIN= OUT=eth0 SRC=<my
ip!> DST=<external ip 1> LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=19546
PROTO=TCP SPT=45274 DPT=21 WINDOW=3072 RES=0x00 URGP=0 OPT
(03030A0102040109080A3F3F3F3F000000000000)

Jan 31 12:01:53 goemon kernel: SuSE-FW-OUTPUT-ERRORIN= OUT=eth0 SRC=<my
ip!> DST=<external ip 2> LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=49052
PROTO=TCP SPT=54417 DPT=139 WINDOW=4096 RES=0x00 URGP=0 OPT
(03030A0102040109080A3F3F3F3F000000000000)

<external ip 1> and <external ip 2> are from the same subnet but are
different. Is this a spoofing attack or what?



--
Mario Libraro
Web Applications Developer

Fulltrading S.p.A.
00148 Roma - Via Di Affogalasino, 105
tel. +39 06 65 73 170
fax +39 06 65 73 529
mob. +39 347 5205 752
email: m.libraro@xxxxxxxxxxxxxx
m.libraro@xxxxxxxxxx
web: www.fulltrading.it

--

"I worry about my child and the Internet all the time, even though she's
too young to have logged on yet.
I worry that 10 or 15 years from now, she will come to me and say
'Daddy, where were you when they took freedom of the press away from
the Internet?'"

Mike Godwin, Electronic Frontier Foundation

< Previous Next >