From owner-freebsd-questions@FreeBSD.ORG Thu Apr 1 04:43:10 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0A5B816A4CE for ; Thu, 1 Apr 2004 04:43:10 -0800 (PST) Received: from kleenmail.net (unknown [208.186.105.29]) by mx1.FreeBSD.org (Postfix) with ESMTP id B7B2043D31 for ; Thu, 1 Apr 2004 04:43:09 -0800 (PST) (envelope-from llund@kleenmail.net) Received: from portege (portegemysql [192.168.0.5]) by kleenmail.net (Postfix) with SMTP id 2EAFB39854; Thu, 1 Apr 2004 12:42:05 -0700 (MST) From: Lorin Lund To: freebsd-questions@freebsd.org, Chuck McManis Date: Thu, 01 Apr 2004 05:43:22 -0700 X-Priority: 3 (Normal) Organization: W.B. Software Inc. In-Reply-To: <6.0.0.22.2.20040330193019.02c985f0@66.125.189.29> Message-Id: <2VFDE0PL3VXT1Z72YFDJFICJEUPMON.406c0e6a@portege> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Mailer: Opera 6.06 build 1145 Subject: Re: unknown tcp connections to dawsonmail.com X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Apr 2004 12:43:10 -0000 Qwest is my phone company. When I signed up for DSL I opted for and external DSL connection. They supplied an ActionTec router/hub/modem. It has an HTML interface for configuration and it has a limited amount of traffic logging. The log shows the external domain and the internal IP address. There are several Windoze boxes and my FreeBSD box. The ActionTec does NAT. Anything that comes in that isn't a response to an outgoing packet would normally be dropped. But I have enabled an option to have all other traffic go to my FreeBSD box. I don't know if the log shows only outgoing traffic or if it includes unsolicited incoming stuff. If so the dawsonmail.com could be them probing me. But if they have managed somehow to get stuff into my FreeBSD system I want to find out how and to cut it off. 3/30/2004 8:35:26 PM, Chuck McManis wrote: >Its a bit confusing because you mention the DSL router and "my server" as >if they are two different machines. If they are, then are they the ONLY two >different machines behind the DSL router? Is it possible you have a Windoze >PC on your subnet somewhere? Seems that dawsonmail.com is a hostile web >site (it attempts to install adware) perhaps you have something connected >to it somewhere? > >--Chuck > >At 06:44 PM 3/30/2004, Lorin Lund wrote: >>I have freebsd 5.2 release running on my server. >>I have apache2 and MySQL installed and running. No other >>daemons to speak of. Yet my DSL router shows connections >>to dawsonmail.com. >> >>Does anyone have any knowledge or ideas of what might be >>going on? The DSL router does not show port info. >>Just the outside domain name and the inside IP address. >> >> >> >>_______________________________________________ >>freebsd-questions@freebsd.org mailing list >>http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > > >