[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] Re: Mail server

To: shef-lug [at] list.sheflug.org.uk
Subject: Re: [Sheflug] Re: Mail server
From: Richard Lowe <nospam [at] richlowe.demon.co.uk>
Date: Thu, 23 Aug 2001 01:27:45 +0100
Envelope-To: <shef-lug [at] list.sheflug.org.uk>
List-Help: <mailto:shef-lug-request [at] list.sheflug.org.uk?subject=help>
List-Id: Sheflug <shef-lug.list.sheflug.org.uk>
List-Post: <mailto:shef-lug [at] list.sheflug.org.uk>
List-Subscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=subscribe>
List-Unsubscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=unsubscribe>
Reply-To: shef-lug [at] list.sheflug.org.uk
Sender: shef-lug-admin [at] list.sheflug.org.uk
User-Agent: Mutt/1.3.18i

* Will Newton (will [at] misconception.org.uk) wrote:
> On Wednesday 22 Aug 2001 8:31 pm, you wrote:
> 
> > It isn't as common, but I've been flooded with ping, (and for some
> > strange reason, DNS lookups?) 2 or 3 times now.
> 
> Using snort? You have to setup a rule to stop snort logging DNS lookups. This 
> is because of the way DNS works in general makes it look like connections to 
> random ports on your machine.
> 
> Since the beginning of my logs, snort has picked up one real portscan since 
> Jul 15 on my "on far too long for my own good" freeserve connection.

No, my firewall blocks traffic to udp/tcp port 53 on this machine.
explicit connection attempts to dns on this machine.

(although now I look back through my logs it's TCP... which I thought
was only zone transfers, and really big queries, trying for a BIND bug
maybe?)

I'll attach a snippet of my logs, from June (assuming attachments to
this list work, I've seen the problems others have had.. but I really
don't want to include 16k in a message, and you can't really tell what I
meant if I cut it down anymore).

I guess it could be a misconfiguration on my part, and these could be
replies from spurious request made by dnscache, but I don't think so.
as it isn't a constant thing (as you would expect from a
misconfiguration).

But.. well.. it's something I meant to post to the list for possible
ideas anyway, and didn't get around to. so I may as well ask now :)

Ideas anyone?

(of course I'll look stupid if it is my fault (and with them all being
different IPs, that looks reasonably possible)) But I do, have
occaisions with several hundred pings all from the same host, that was
definitely not misconfiguration on my part) :)

-- 
[ Richard Lowe - richlowe - richlowe [at] richlowe.demon.co.uk ]
[            http://www.snowman.net/~richlowe/            ]

Jun 29 17:14:39 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=23304 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:39 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=208.184.162.71 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=54490 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:39 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.78.235.14 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=42505 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:39 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.34.68.2 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=23817 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:39 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.55.37.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=240 ID=0 PROTO=TCP SPT=30695 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:39 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=212.23.225.98 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=53833 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:39 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.37.200.46 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=241 ID=0 PROTO=TCP SPT=23717 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:42 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.35.167.58 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=49018 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:42 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.33.35.214 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=47093 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:42 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=194.205.125.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=248 ID=0 PROTO=TCP SPT=59705 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:42 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=212.78.160.237 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=246 ID=0 PROTO=TCP SPT=46335 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:42 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=62.26.119.34 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=23270 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:42 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=212.23.225.98 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=54112 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:43 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=207.55.138.206 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=41391 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:43 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=216.33.46.133 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=243 ID=3005 PROTO=ICMP TYPE=8 CODE=0 ID=51712 SEQ=8614 
Jun 29 17:14:43 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=64.69.165.251 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=246 ID=6351 PROTO=ICMP TYPE=8 CODE=0 ID=44544 SEQ=34873 
Jun 29 17:14:43 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=209.225.26.98 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=241 ID=26390 PROTO=ICMP TYPE=8 CODE=0 ID=50944 SEQ=55472 
Jun 29 17:14:43 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=64.69.165.251 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=246 ID=6795 PROTO=ICMP TYPE=8 CODE=0 ID=44544 SEQ=65081 
Jun 29 17:14:43 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=209.225.26.98 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=241 ID=26710 PROTO=ICMP TYPE=8 CODE=0 ID=50944 SEQ=20401 
Jun 29 17:14:43 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=216.33.46.133 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=243 ID=3625 PROTO=ICMP TYPE=8 CODE=0 ID=51712 SEQ=39590 
Jun 29 17:14:43 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.14.200.154 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=241 ID=0 PROTO=TCP SPT=26837 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:44 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=64.69.165.251 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=246 ID=7124 PROTO=ICMP TYPE=8 CODE=0 ID=44544 SEQ=33082 
Jun 29 17:14:44 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=23750 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:44 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=216.33.46.133 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=243 ID=4481 PROTO=ICMP TYPE=8 CODE=0 ID=51712 SEQ=35751 
Jun 29 17:14:44 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=62.26.119.34 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=23458 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:45 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=216.33.46.133 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=243 ID=4827 PROTO=ICMP TYPE=8 CODE=0 ID=51712 SEQ=1448 
Jun 29 17:14:45 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.56.174.186 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=239 ID=0 PROTO=TCP SPT=34453 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:45 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=216.33.46.133 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=243 ID=4993 PROTO=ICMP TYPE=8 CODE=0 ID=51712 SEQ=13992 
Jun 29 17:14:45 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.56.174.186 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=239 ID=0 PROTO=TCP SPT=34509 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:45 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=64.69.165.251 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=246 ID=8122 PROTO=ICMP TYPE=8 CODE=0 ID=44544 SEQ=43067 
Jun 29 17:14:46 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=209.225.26.98 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=241 ID=27895 PROTO=ICMP TYPE=8 CODE=0 ID=50944 SEQ=51378 
Jun 29 17:14:46 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=23991 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:46 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=24561 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:47 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.220.39.42 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=36917 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:47 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=194.205.125.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=248 ID=0 PROTO=TCP SPT=60418 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:48 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.34.68.2 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=25370 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:48 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.56.174.186 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=239 ID=0 PROTO=TCP SPT=34985 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:48 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=64.69.165.251 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=246 ID=10010 PROTO=ICMP TYPE=8 CODE=0 ID=44544 SEQ=63037 
Jun 29 17:14:48 vetinari kernel: PING: IN=ppp0 OUT= MAC= SRC=216.33.46.133 DST=158.152.177.79 LEN=84 TOS=0x00 PREC=0x00 TTL=243 ID=7466 PROTO=ICMP TYPE=8 CODE=0 ID=51712 SEQ=28842 
Jun 29 17:14:49 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.56.174.186 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=239 ID=0 PROTO=TCP SPT=34717 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:49 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.34.68.2 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=25370 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:50 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=194.213.64.150 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=242 ID=0 PROTO=TCP SPT=40854 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:51 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=25482 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:51 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=212.78.160.237 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=246 ID=0 PROTO=TCP SPT=48220 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:51 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.35.167.58 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=50896 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:52 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=203.194.166.182 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=42943 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:53 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.55.37.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=240 ID=0 PROTO=TCP SPT=32501 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:53 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.33.35.214 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=49826 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:53 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=26332 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:54 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=202.139.133.129 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=240 ID=0 PROTO=TCP SPT=20667 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:56 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.55.37.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=240 ID=0 PROTO=TCP SPT=32501 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:56 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.33.35.214 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=49826 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:56 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=26332 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:56 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=194.205.125.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=248 ID=0 PROTO=TCP SPT=62430 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:56 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.35.167.58 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=51745 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:57 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=208.184.162.71 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=57516 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:59 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.33.35.214 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=50241 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:59 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=26745 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:59 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=194.205.125.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=248 ID=0 PROTO=TCP SPT=62844 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:59 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.37.200.46 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=241 ID=0 PROTO=TCP SPT=27128 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:14:59 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.55.37.26 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=240 ID=0 PROTO=TCP SPT=32796 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:00 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=203.194.166.182 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=44030 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:01 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.220.39.42 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=39351 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:01 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=27204 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:01 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.33.35.214 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=50710 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:02 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=64.37.200.46 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=241 ID=0 PROTO=TCP SPT=27791 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:04 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=209.249.97.40 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=247 ID=0 PROTO=TCP SPT=27964 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:04 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=208.184.162.71 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=59138 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:04 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=207.55.138.206 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=244 ID=0 PROTO=TCP SPT=44867 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0 
Jun 29 17:15:04 vetinari kernel: TCP Dropped: IN=ppp0 OUT= MAC= SRC=216.35.167.58 DST=158.152.177.79 LEN=44 TOS=0x10 PREC=0x00 TTL=243 ID=0 PROTO=TCP SPT=53391 DPT=53 WINDOW=4128 RES=0x00 ACK SYN URGP=0

Follow-Ups:
- [Sheflug] Re: Mail server
  - From: Richard Ibbotson <nospam [at] sheflug.co.uk>

References:
- Re: [Sheflug] Re: Mail server
  - From: Will Newton <nospam [at] misconception.org.uk>

Prev by Date: [Sheflug] Re: Your message to Shef-lug awaits moderator approval
Next by Date: [Sheflug] QMail and AMAVIS
Prev by thread: Re: [Sheflug] Re: Mail server
Next by thread: [Sheflug] Re: Mail server
Index(es):
- Date
- Thread