Re: strange connetions to exodus.net

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Alexis <alexis@attla.net.ar>
To: Andreas Meyer <anmeyer@gmx.net>
Cc: netfilter@lists.netfilter.org
Subject: Re: strange connetions to exodus.net
Date: Sat, 21 Feb 2004 13:47:47 -0300	[thread overview]
Message-ID: <1032480310.20040221134747@attla.net.ar> (raw)
In-Reply-To: <20040221122547.1cb9a3eb.anmeyer@gmx.net>

That 192.168.20.60 is trying to connect to 209.225.0.6 is obviuos, by
the lenght and the syn looks like a get.

Have you checked if that box (168.20.60) has any virus or anything
like this??

Hello Andreas,

Saturday, February 21, 2004, 8:25:47 AM, you wrote:

AM> Hello!

AM> Just wrote a little iptables-script not allowing connections
AM> to port 80.
AM> Now in the log I see this:

AM> Feb 21 11:53:41 delta kernel: DROP-TCP :IN= OUT=eth1 SRC=192.168.20.60 \
AM>  DST=209.225.0.6 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=22160 PROTO=TCP \
AM>  SPT=41197 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0

AM> It seems that with every request to a website there is also a request to
AM> IP 209.225.0.6 wich leads to exodus.net.

AM> I am completely worried about this. Who can tell me what is going on?

AM> Regards

-- 
Best regards,
 Alexis                            mailto:alexis@attla.net.ar

next prev parent reply	other threads:[~2004-02-21 16:47 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-02-21 11:25 strange connetions to exodus.net Andreas Meyer
2004-02-21 15:25 ` Ted Kaczmarek
2004-02-21 16:09   ` Andreas Meyer
     [not found]     ` <200402211136.22220.JALaramie@Loudoun-Fairfax.com>
2004-02-21 17:19       ` Andreas Meyer
2004-02-21 17:34         ` Jeffrey Laramie
2004-02-21 18:06         ` Re[2]: " Alexis
2004-02-21 18:26           ` Andreas Meyer
2004-02-21 22:40             ` Re[4]: " Alexis
2004-02-21 16:47 ` Alexis [this message]
2004-02-21 17:25   ` Andreas Meyer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1032480310.20040221134747@attla.net.ar \
    --to=alexis@attla.net.ar \
    --cc=anmeyer@gmx.net \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.