Date: Thu, 11 Feb 1999 17:44:13 -0800 (PST) From: jfesler@gigo.com To: tetsuhiro <tetsuhiro@tsuzuki.ne.jp> Cc: "isp@freebsd.org" <isp@FreeBSD.ORG> Subject: Re: Someone sent me a security notice Message-ID: <Pine.BSF.4.00.9902111739530.446-100000@heaven.gigo.com> In-Reply-To: <36C37B77.4AD78E47@tsuzuki.ne.jp>
next in thread | previous in thread | raw e-mail | index | archive | help
> Yesterday I got a following message from someone via email. > I don't know who he/she is. You can usually use "whois -h whois.internic.net xxx.net" to see who the official contacts are. > > xxx@xxx.net wrote: > > from our log files: > > > >Feb 9 12:14:39 smoke kernel: IP fw-in deny eth1 UDP 152.226.76.37:1277 >206.30.145.4:31337 L=46 > >S=0x00 I=1816 F=0x0000 T=108 > > > > Times are -0500. Please investigate this matter and take appropriate action. > > What should I do? Smells like a traceroute packet. Even if it was meant to be malicious, UDP is too easily spoofable. > Frankly speaking I can not understand what he/she wrote. > I'd like to know he/she got my email address also. Probably something like either tracerouting to your IP address, and looking up contact info for the listed domain name, or by using whois -h whois.arin.net 152.226.76.37 to see what listed info was available that way. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.00.9902111739530.446-100000>