From owner-freebsd-security Tue Mar 27 14:39:47 2001 Delivered-To: freebsd-security@freebsd.org Received: from courier.netrail.net (courier.netrail.net [205.215.10.53]) by hub.freebsd.org (Postfix) with ESMTP id 916DF37B718 for ; Tue, 27 Mar 2001 14:39:43 -0800 (PST) (envelope-from cschreiber@netrail.net) Received: from cschriaber (localhost.netrail.net [127.0.0.1]) by courier.netrail.net (Postfix) with SMTP id 46F53EE; Tue, 27 Mar 2001 17:39:37 -0500 (EST) Reply-To: From: "Christian S." To: , Subject: RE: funny packets Date: Tue, 27 Mar 2001 17:34:57 -0500 Message-ID: X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <20010328002907.A75059@mandark.attica.home> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paris. http://www.ripe.net/cgi-bin/whois?query=195.25.44.186&.submit=Submit+Q uery That should give you all the information that you need. :) Port numbers are strange - all non-priv ports, IIRC.. Regards, Christian "...we have only twice as many genes as a fruit fly, or roughly the same number as an ear of corn, about 30,000." Ergo, we are all corn. - -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Andre Goeree Sent: Tuesday, March 27, 2001 5:29 PM To: freebsd-security@freebsd.org Subject: funny packets Hello, While CVSuppin' ports i caught some strange packets: Mar 27 23:29:38 mandark /kernel: ipfw: 3900 Deny TCP 195.25.44.186:4828 213.227.128.244:4662 in via tun0 Mar 27 23:29:38 mandark /kernel: ipfw: 3900 Deny TCP 195.25.44.186:4828 213.227.128.244:4662 in via tun0 Mar 27 23:35:38 mandark /kernel: ipfw: 3900 Deny TCP 195.25.44.186:1075 213.227.128.244:4662 in via tun0 Mar 27 23:35:38 mandark /kernel: ipfw: 3900 Deny TCP 195.25.44.186:1075 213.227.128.244:4662 in via tun0 Notice the time between the messages, exactly 6 min. 195.25.44.186 was/is not resolvable. Any ideas? - --Andre. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBOsEVcikK9qTvGvteEQLnygCgtntt2ei6x8Ps9pdH2O/dIthdfc4AoJPd mWt+dQ2b8h9hp+SMAzZCkBwe =HLfU -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message